Skip to main content

Remote Desktop Client CVE-2022-26940

MEDIUM
2022-05-10 secure@microsoft.com
6.5
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
May 10, 2022 - 21:15 cve.org
MEDIUM 6.5

DescriptionCVE.org

Remote Desktop Protocol Client Information Disclosure Vulnerability

AnalysisAI

Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

Remote Desktop Protocol Client Information Disclosure Vulnerability Affected products include: Microsoft Remote Desktop Client, Microsoft Windows 11, Microsoft Windows Server 2022.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2026-42985 HIGH
8.8 Jun 09

Remote code execution in Microsoft Remote Desktop Client is possible when a victim connects to an attacker-controlled or

CVE-2025-48817 HIGH
8.8 Jul 08

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CVE-2024-38131 HIGH
8.8 Aug 13

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerabil

CVE-2023-29362 HIGH
8.8 Jun 14

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel

CVE-2022-22017 HIGH
8.8 May 10

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel

CVE-2021-34535 HIGH
8.8 Aug 12

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotel

CVE-2021-1669 HIGH
8.8 Jan 12

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remo

CVE-2024-49105 HIGH
8.4 Dec 12

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is remotel

CVE-2025-27487 HIGH
8.0 Apr 08

Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. Rated

CVE-2019-0887 HIGH
8.0 Jul 15

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an

CVE-2022-41121 HIGH
7.8 Dec 13

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2026-45639 HIGH
7.5 Jun 09

Information disclosure in Microsoft Windows Remote Desktop Protocol (RDP) allows remote unauthenticated attackers to rea

Share

CVE-2022-26940 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy