A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka ‘LNK Remote Code Execution Vulnerability’.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1421
Reference (s):
- https://www.zerodayinitiative.com/advisories/ZDI-20-923/
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1421
- URL: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1421