Remote Desktop Client
CVE-2022-26940
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Remote Desktop Protocol Client Information Disclosure Vulnerability
AnalysisAI
Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
Remote Desktop Protocol Client Information Disclosure Vulnerability Affected products include: Microsoft Remote Desktop Client, Microsoft Windows 11, Microsoft Windows Server 2022.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Remote Desktop Client
View allRemote code execution in Microsoft Remote Desktop Client is possible when a victim connects to an attacker-controlled or
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerabil
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel
Windows Remote Desktop Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remo
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is remotel
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. Rated
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an
Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l
Information disclosure in Microsoft Windows Remote Desktop Protocol (RDP) allows remote unauthenticated attackers to rea
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today