Description
FreeRDP 2.0.0-rc3, in released versions before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3, contains a vulnerability (type recorded as Other/Unknown) in the function drdynvc_process_capability_request in channels/drdynvc/client/drdynvc_main.c that can result in the RDP server reading the client's memory. The attack appears to be exploitable when the RDP client connects to the RDP server with the echo option. The vulnerability appears to have been fixed after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
References (6)
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471
Exploit, Third Party Advisory x_refsource_misc
https://github.com/FreeRDP/FreeRDP/issues/4866
Third Party Advisory x_refsource_misc
https://github.com/FreeRDP/FreeRDP/pull/4871
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2157
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4379-1/
Scores
CVSS v3
6.5
EPSS
0.0083
EPSS Percentile
74.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Details
CWE
CWE-125
Status
published
Products (6)
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
19.10
canonical/ubuntu_linux
20.04
fedoraproject/fedora
28
freerdp/freerdp
2.0.0 (4 CPE variants)
freerdp/freerdp
< 2.0.0
Published
Dec 20, 2018
Tracked Since
Feb 18, 2026