{"id":"CVE-2020-24307","details":"An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\\Users:(M) is present.","modified":"2026-04-10T04:27:52.019631Z","published":"2023-02-02T12:15:08.893Z","references":[{"type":"WEB","url":"https://github.com/NyaMeeEain/Infrastructure-Assessment/blob/master/Privilege%20Escalation/Common%20Windows%20Privilege%20Escalation.md"},{"type":"ADVISORY","url":"https://packetstormsecurity.com/files/170794/mRemoteNG-1.76.20-Privilege-Escalation.html"},{"type":"REPORT","url":"https://github.com/mRemoteNG/mRemoteNG/issues/2338"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mremoteng/mremoteng","events":[{"introduced":"0"},{"last_affected":"068f5942e73a0b4e3c461d861216788ac5a4958a"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.76.20"}]}}],"versions":["1.50","1.60","1.62","1.63","1.64","1.65","1.66","1.67","1.67RC1","1.67RC2","1.67RC3","1.67RC4","1.67RC5","1.68","1.70Beta1","1.70Beta2","1.71Beta1","1.71Beta2","1.71Beta3","1.71Beta4","1.71Beta5","1.73Beta1","1.73Beta2","v1.75Alpha2","v1.75Alpha3","v1.75Aplha1","v1.75Beta1","v1.75Beta2","v1.75Beta3","v1.75RC1","v1.76.10","v1.76.12","v1.76.13","v1.76.14","v1.76.15","v1.76.16","v1.76.17","v1.76.18","v1.76.20","v1.76.5","v1.76.6","v1.76.7","v1.76.8","v1.76.9","v1.76Alpha1","v1.76Alpha2","v1.76Alpha3","v1.76Alpha4","v1.76Alpha5","v1.76Alpha6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24307.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}