Description
Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Juha-Matti Laurio · textdoswindows
https://www.exploit-db.com/exploits/25268
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19819
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013552
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/kb/889323
Scores
EPSS
0.0117
EPSS Percentile
78.9%
Details
CWE
CWE-20
Status
published
Products (1)
microsoft/windows_xp
Published
May 02, 2005
Tracked Since
Feb 18, 2026