Windows Remote Desktop Security Feature Bypass Vulnerability - CVE-2023-29352ID: oval:org.secpod.oval:def:90361 | Date: (C)2023-06-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
Windows Remote Desktop Security Feature Bypass Vulnerability. An attacker must send the user a malicious file and convince the user to open said file. An attacker who successfully exploited this vulnerability could bypass certificate validation during a remote desktop connection by creating a validly signed .RDP file that will bypass warning prompts when it is executed. This could create an opportunity for phishing. An attacker who successfully exploited the vulnerability could bypass certificate or private key authentication when establishing a remote desktop protocol session.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Product: |
Microsoft Remote Desktop client |