What Is Remote Code Execution (RCE)?
RCE Short Definition:
The ability to trigger arbitrary code execution from one computer on another (mostly via the Internet) is widely known as remote code execution. Remote code execution is also known as arbitrary code execution. RCE attacks are based on specific vulnerabilities.
RCE Extended Definition:
RCE is an attack concept that involves a threat actor that can remotely command the operation of another person’s machine.
What makes it possible for attackers to execute malicious code and gain control over a compromised system is the use of specific vulnerabilities. Once the system is under the attackers’ control, they can elevate their privileges and continue with arbitrary code execution. The best way to prevent RCE attacks is by never allowing vulnerabilities to be exploited. Unfortunately, remote code execution flaws are widely-spread.
Two examples of remote code execution vulnerabilities are CVE-2020-1425 and CVE-2020-1457 in several Windows 10 and Windows Server versions. Both flaws were reported to Microsoft by vulnerabilities analysis manager Abdul-Aziz Hariri via Trend Micro’s Zero Day Initiative.
The critical CVE-2020-1425 vulnerability is described as a remote code execution vulnerability which exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system, Microsoft says in the official advisory. The vulnerability can be exploited under the condition of a program processing a specially crafted image file.
The CVE-2020-1457 vulnerability is also related to remote code execution, and it also exists in the way that Microsoft Windows Codecs Library handles objects in memory. The exploitation of the vulnerability is similar to the other flaw, as it also requires that a program process a specially crafted image file.
For more definitions, check our Cyber Dictionary.