CVE-2022-23613
published 2022-02-07


Priority: P344
Severity: high, CVSS 3.1 base score 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.48% (38.1 percentile)
xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker who can locally reach a sesman server to execute code as root. This vulnerability has been patched in version 0.9.18.1 and above. Users are advised to upgrade. There are no known workarounds.
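The bug class named above (an unsigned length subtraction that wraps and is then handed to a copy into a fixed-size heap buffer) is easy to reproduce in miniature. The following is an added illustration, not xrdp or sesman code: the record layout (a 2-byte big-endian total length followed by a 2-byte type), the 64-byte heap buffer and all function names are assumptions made for the demonstration. It shows the unchecked arithmetic, the vulnerable parser that would overrun the heap, and a hardened parser that rejects the underflow, truncated input and oversized bodies before touching memory.

```c
/* Added illustration of the CVE-2022-23613 bug class (unsigned length
 * arithmetic that underflows and is then fed to a heap copy).
 * NOT xrdp/sesman code: record format, names and sizes are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_LEN 4u   /* assumed: 2-byte total length + 2-byte record type */

/* Big-endian 16-bit read of the total-length field. */
static uint16_t rd16(const uint8_t *p) {
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Vulnerable pattern: the attacker-controlled total is trusted and the
 * subtraction is unsigned, so total < HDR_LEN wraps to a value near
 * SIZE_MAX instead of going negative. */
size_t body_len_unchecked(uint16_t total) {
    return (size_t)total - HDR_LEN;
}

/* Vulnerable parser (deliberately not invoked by main): with a total of 2 the
 * body length becomes SIZE_MAX-1 and memcpy runs off the 64-byte heap
 * allocation. This is the heap overflow the advisory describes. */
int parse_record_vulnerable(const uint8_t *msg, uint8_t **out) {
    size_t body = body_len_unchecked(rd16(msg));
    uint8_t *buf = malloc(64);          /* fixed-size heap buffer */
    if (!buf) return -1;
    memcpy(buf, msg + HDR_LEN, body);   /* overflow when body wrapped */
    *out = buf;
    return (int)body;
}

/* Hardened: refuse before subtracting, never after. */
int body_len_checked(uint16_t total, size_t *out) {
    if (total < HDR_LEN) return -1;
    *out = (size_t)total - HDR_LEN;
    return 0;
}

/* Hardened parser: validates the header, bounds the body against both the
 * bytes actually received and the destination capacity, then copies.
 * Returns the body length, or -1 on any inconsistency. */
int parse_record_checked(const uint8_t *msg, size_t msglen,
                         uint8_t *dst, size_t dstcap) {
    size_t body;
    if (msglen < HDR_LEN) return -1;                        /* short header */
    if (body_len_checked(rd16(msg), &body) != 0) return -1; /* underflow */
    if (body > msglen - HDR_LEN) return -1;                 /* claims more than received */
    if (body > dstcap) return -1;                           /* would overflow dst */
    memcpy(dst, msg + HDR_LEN, body);
    return (int)body;
}

/* Constructed sample records (not captured traffic). */
static const uint8_t MSG_GOOD[]      = {0x00, 0x07, 0x00, 0x01, 'a', 'b', 'c'};
static const uint8_t MSG_UNDERFLOW[] = {0x00, 0x02, 0x00, 0x01};      /* total < header */
static const uint8_t MSG_TRUNCATED[] = {0x00, 0x10, 0x00, 0x01, 'a'}; /* total > received */

int demo_good(void) {
    uint8_t d[16];
    return parse_record_checked(MSG_GOOD, sizeof MSG_GOOD, d, sizeof d);
}
int demo_underflow(void) {
    uint8_t d[16];
    return parse_record_checked(MSG_UNDERFLOW, sizeof MSG_UNDERFLOW, d, sizeof d);
}
int demo_truncated(void) {
    uint8_t d[16];
    return parse_record_checked(MSG_TRUNCATED, sizeof MSG_TRUNCATED, d, sizeof d);
}

int main(void) {
    printf("unchecked body length for total=2: %zu (wrapped)\n",
           body_len_unchecked(2));
    printf("checked parse: good=%d underflow=%d truncated=%d\n",
           demo_good(), demo_underflow(), demo_truncated());
    return 0;
}
```

The point of the hardened version is the order of the checks: the comparison happens on the raw field before any arithmetic, and the resulting body length is bounded against the bytes really present and the destination size, so no value derived from attacker input reaches memcpy unvalidated.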

Affected

14 ranges

Vendor        | Product | Version range                   | Fixed in
debian        | xrdp    | < xrdp 0.9.17-2.1 (bookworm)    | xrdp 0.9.17-2.1 (bookworm)
fedoraproject | fedora  |                                 |
fedoraproject | fedora  |                                 |
neutrinolabs  | xrdp    |                                 |
neutrinolabs  | xrdp    |                                 |
neutrinolabs  | xrdp    |                                 |
neutrinolabs  | xrdp    | >= 0, < 0.9.17-2.1              | 0.9.17-2.1
neutrinolabs  | xrdp    | >= 0, < 0.9.17-2.1              | 0.9.17-2.1
neutrinolabs  | xrdp    | >= 0, < 0.9.17-2.1              | 0.9.17-2.1
neutrinolabs  | xrdp    | >= 0, < 0.6.0-1ubuntu0.1+esm3   | 0.6.0-1ubuntu0.1+esm3
neutrinolabs  | xrdp    | >= 0, < 0.6.1-2ubuntu0.3+esm3   | 0.6.1-2ubuntu0.3+esm3
neutrinolabs  | xrdp    | >= 0, < 0.9.5-2ubuntu0.1~esm2   | 0.9.5-2ubuntu0.1~esm2
neutrinolabs  | xrdp    | >= 0, < 0.9.12-1ubuntu0.1+esm1  | 0.9.12-1ubuntu0.1+esm1
neutrinolabs  | xrdp    | >= 0, < 0.9.17-2ubuntu2+esm1    | 0.9.17-2ubuntu2+esm1

Rows with an empty range carry no version data on this page. Note that the distribution fixed versions listed here (Debian 0.9.17-2.1 and the Ubuntu ESM packages) are numerically below the upstream fix release 0.9.18.1 because the fix was backported; a distro package version below 0.9.18.1 is therefore not by itself evidence of exposure, and the package changelog should be checked for this CVE ID before flagging a host.

CVSS provenance

Source        | CVSS version | Score | Severity | Vector
nvd           | v3.1         | 7.8   | HIGH     | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd           | v2.0         | 7.2   | HIGH     | AV:L/AC:L/Au:N/C:C/I:C/A:C
osv           |              | 9.8   | CRITICAL |
vendor_debian |              | 7.8   | HIGH     |
vendor_ubuntu |              | 6.5   | MEDIUM   |