CVE-2026-32105

| EUVD-2026-23472 CRITICAL
2026-04-17 GitHub_M
Information Disclosure
9.3
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Re-analysis Queued
Apr 20, 2026 - 19:07 vuln.today
cvss_changed
Analysis Generated
Apr 17, 2026 - 22:09 vuln.today
patch_available
Apr 17, 2026 - 20:16 EUVD

DescriptionNVD

xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code (MAC) signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks the necessary implementation to validate the 8-byte integrity signature, causing it to be silently ignored. An unauthenticated attacker with man-in-the-middle (MITM) capabilities can exploit this missing check to modify encrypted traffic in transit without detection. It does not affect connections where the TLS security layer is enforced. This issue has been fixed in version 0.10.6. If users are unable to immediately upgrade, they should configure xrdp.ini to enforce TLS security (security_layer=tls) to ensure end-to-end integrity.

AnalysisAI

Missing MAC signature verification in xrdp 0.10.5 and earlier allows man-in-the-middle attackers to modify encrypted RDP traffic without detection when Classic RDP Security layer is used. Unauthenticated network attackers with MITM position can alter packet contents in transit, achieving high integrity and confidentiality impact on both vulnerable and subsequent systems (CVSS 9.3, CVSS:4.0 with scope change). …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all systems running xrdp versions 0.10.5 or earlier using network inventory and configuration management tools. Within 7 days: Apply vendor patch to xrdp version 0.10.6 on all identified systems; for systems unable to patch immediately, enforce TLS security layer enforcement in RDP configurations to disable vulnerable Classic RDP Security. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Vendor StatusVendor

Share

CVE-2026-32105 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy