Remote Desktop Protocol
by Microsoft
CVEs (23)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-1794 | Hig | 0.49 | 7.4 | 0.16 | Jun 1, 2005 | Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. | ||
| CVE-2012-0152 | 0.07 | — | 0.86 | Mar 13, 2012 | The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial of Service Vulnerability." | |||
| CVE-2019-1108 | 0.02 | — | 0.11 | Jul 29, 2019 | An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'. | |||
| CVE-2015-2473 | 0.02 | — | 0.25 | Aug 15, 2015 | Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory… | |||
| CVE-2012-0173 | 0.02 | — | 0.21 | Jun 12, 2012 | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to… | |||
| CVE-2022-26940 | 0.01 | — | 0.02 | May 10, 2022 | Remote Desktop Protocol Client Information Disclosure Vulnerability | |||
| CVE-2022-21893 | 0.01 | — | 0.07 | Jan 11, 2022 | Remote Desktop Protocol Remote Code Execution Vulnerability | |||
| CVE-2021-31186 | 0.01 | — | 0.03 | May 11, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||
| CVE-2020-16927 | 0.01 | — | 0.05 | Oct 16, 2020 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system… | |||
| CVE-2020-16896 | 0.01 | — | 0.10 | Oct 16, 2020 | An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further… | |||
| CVE-2020-0660 | 0.01 | — | 0.05 | Feb 11, 2020 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. | |||
| CVE-2019-1453 | 0.01 | — | 0.09 | Dec 10, 2019 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. | |||
| CVE-2019-1223 | 0.01 | — | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to… | |||
| CVE-2014-6318 | 0.01 | — | 0.11 | Nov 11, 2014 | The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts… | |||
| CVE-2023-28267 | 0.00 | — | 0.02 | Apr 11, 2023 | Remote Desktop Protocol Client Information Disclosure Vulnerability | |||
| CVE-2022-24503 | 0.00 | — | 0.02 | Mar 9, 2022 | Remote Desktop Protocol Client Information Disclosure Vulnerability | |||
| CVE-2021-41371 | 0.00 | — | 0.01 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||
| CVE-2021-38665 | 0.00 | — | 0.06 | Nov 10, 2021 | Remote Desktop Protocol Client Information Disclosure Vulnerability | |||
| CVE-2021-38631 | 0.00 | — | 0.02 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||
| CVE-2021-1674 | 0.00 | — | 0.03 | Jan 12, 2021 | Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability |
- risk 0.49cvss 7.4epss 0.16
Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.
- CVE-2012-0152Mar 13, 2012risk 0.07cvss —epss 0.86
The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial of Service Vulnerability."
- CVE-2019-1108Jul 29, 2019risk 0.02cvss —epss 0.11
An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'.
- CVE-2015-2473Aug 15, 2015risk 0.02cvss —epss 0.25
Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory…
- CVE-2012-0173Jun 12, 2012risk 0.02cvss —epss 0.21
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to…
- CVE-2022-26940May 10, 2022risk 0.01cvss —epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- CVE-2022-21893Jan 11, 2022risk 0.01cvss —epss 0.07
Remote Desktop Protocol Remote Code Execution Vulnerability
- CVE-2021-31186May 11, 2021risk 0.01cvss —epss 0.03
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- CVE-2020-16927Oct 16, 2020risk 0.01cvss —epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system…
- CVE-2020-16896Oct 16, 2020risk 0.01cvss —epss 0.10
An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further…
- CVE-2020-0660Feb 11, 2020risk 0.01cvss —epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
- CVE-2019-1453Dec 10, 2019risk 0.01cvss —epss 0.09
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
- CVE-2019-1223Aug 14, 2019risk 0.01cvss —epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to…
- CVE-2014-6318Nov 11, 2014risk 0.01cvss —epss 0.11
The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts…
- CVE-2023-28267Apr 11, 2023risk 0.00cvss —epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- CVE-2022-24503Mar 9, 2022risk 0.00cvss —epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- CVE-2021-41371Nov 10, 2021risk 0.00cvss —epss 0.01
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- CVE-2021-38665Nov 10, 2021risk 0.00cvss —epss 0.06
Remote Desktop Protocol Client Information Disclosure Vulnerability
- CVE-2021-38631Nov 10, 2021risk 0.00cvss —epss 0.02
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- CVE-2021-1674Jan 12, 2021risk 0.00cvss —epss 0.03
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
Page 1 of 2