Remote Desktop Client RCE via crafted .rdp
CVE-2023-24905 Published on May 9, 2023
Remote Desktop Client Remote Code Execution Vulnerability
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-24905 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-24905
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-24905 are published in these products:
Affected Versions
Microsoft Windows 10 Version 20H2:- Version 10.0.0 and below 10.0.19042.2965 is affected.
- Version 10.0.0 and below 10.0.22000.1936 is affected.
- Version 10.0.19043.0 and below 10.0.19044.2965 is affected.
- Version 10.0.22621.0 and below 10.0.22621.1702 is affected.
- Version 10.0.19045.0 and below 10.0.19045.2965 is affected.
Exploit Probability
EPSS
0.43%
Percentile
62.21%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.