FreeRDP implementations are not affected if the remote end uses the `/video` switch. The FreeRDP implementation at the remote end might be affected if the implementation does not support the `/video` switch.
Vulnerability Scenario
A FreeRDP implementation is not affected if the remote end uses the `/video` switch. The FreeRDP implementation at the remote end might be affected if the implementation does not support the `/video` switch.
Vulnerability details
The FreeRDP implementation of RDP might be vulnerable to a buffer overflow issue. This could allow an attacker to overwrite the system's memory and execute arbitrary code on the affected system.
Vulnerability Description
CVE-2022-39283 is a remote code execution issue in FreeRDP implementations. This vulnerability allows an attacker to execute arbitrary code on the remote endpoint. The target must be running FreeRDP in order for this vulnerability to be exploitable.
Timeline
Published on: 10/12/2022 23:15:00 UTC
Last modified on: 10/31/2022 04:15:00 UTC