CVE-2022-21851 Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-21851 Remote Desktop Client Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in the Microsoft Remote Desktop Protocol. An attacker could exploit this vulnerability by establishing an attacker-to-computer (ATTACK-to-COMPUTER) connection to an affected system. This vulnerability could be exploited to execute arbitrary code on the affected system. This vulnerability would require user interaction to be exploited.
As a precaution, customers should consider applying the latest vendor-supplied updates. Exploitation of this vulnerability requires that a user open a specially crafted remote desktop connection.
This vulnerability has been assigned Common Vulnerability and Exposure number CVE-2019-11918. A patch that resolves this vulnerability is not available. However, there are workarounds that address this vulnerability. The information below provides details on the workarounds that are currently known. - Vendors should consider updating their products to version 10.0.17763. The update resolves the vulnerability that is being exploited to execute remote code. - A workaround for CVE-2019-11918 is to use the Internet Explorer Enhanced Mitigation Mode.

Vulnerability Details

CVE-2019-11918 is a remote code execution vulnerability that has been identified in the Microsoft Remote Desktop Protocol. An attacker could exploit this vulnerability by establishing an ATTACK-to-COMPUTER connection to an affected system.

Microsoft Remote Desktop Protocol Vulnerability - Overview

A remote code execution vulnerability has been identified in the Microsoft Remote Desktop Protocol. An attacker could exploit this vulnerability by establishing an attacker-to-computer (ATTACK-to-COMPUTER) connection to an affected system. This vulnerability could be exploited to execute arbitrary code on the affected system. This vulnerability would require user interaction to be exploited.
As a precaution, customers should consider applying the latest vendor-supplied updates. Exploitation of this vulnerability requires that a user open a specially crafted remote desktop connection.
This vulnerability has been assigned Common Vulnerability and Exposure number CVE-2019-11918. A patch that resolves this vulnerability is not available. However, there are workarounds that address this vulnerability. The information below provides details on the workarounds that are currently known.

Vulnerability summary

A remote code execution vulnerability has been identified in the Microsoft Remote Desktop Protocol. An attacker could exploit this vulnerability by establishing an attacker-to-computer (ATTACK-to-COMPUTER) connection to an affected system. This vulnerability could be exploited to execute arbitrary code on the affected system. This vulnerability would require user interaction to be exploited.
As a precaution, customers should consider applying the latest vendor-supplied updates. Exploitation of this vulnerability requires that a user open a specially crafted remote desktop connection.
This vulnerability has been assigned Common Vulnerability and Exposure number CVE-2019-11918. A patch that resolves this vulnerability is not available. However, there are workarounds that address this vulnerability. The information below provides details on the workarounds that are currently known.

Vendor Information

The vendor has not yet released a patch for this vulnerability.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe