CVE-2023-29352
Published 2023-06-14
CVE-2023-29352: Windows Remote Desktop Security Feature Bypass Vulnerability
Priority: P434 · medium · 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS: 1.17% (63.2th percentile)
Windows Remote Desktop Security Feature Bypass Vulnerability
Affected
26 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | remote_desktop_client | < 1.2.4337 | 1.2.4337 |
| microsoft | remote_desktop_client_for_windows_desktop | >= 1.2.0.0 < 1.2.4337.0 | 1.2.4337.0 |
| microsoft | windows_10_1809 | < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_10_21h2 | < 10.0.19044.3086 | 10.0.19044.3086 |
| microsoft | windows_10_22h2 | < 10.0.19045.3087 | 10.0.19045.3087 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.3086 | 10.0.19044.3086 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.3086 | 10.0.19045.3086 |
| microsoft | windows_11_21h2 | < 10.0.22000.2057 | 10.0.22000.2057 |
| microsoft | windows_11_22h2 | < 10.0.22621.1848 | 10.0.22621.1848 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.2057 | 10.0.22000.2057 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.1848 | 10.0.22621.1848 |
| microsoft | windows_server_2019 | < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_server_2022 | < 10.0.20348.1787 | 10.0.20348.1787 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.1787 | 10.0.20348.1787 |
| msrc | remote_desktop_client_for_windows_desktop | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_server_2019 | — | — |
CVSS provenance
nvd · v3.1 · 6.5 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
vendor_msrc · 6.5 MEDIUM
Microsoft
Windows Remote Desktop Security Feature Bypass Vulnerability
vendor_msrc·2023-06-13·CVSS 6.5
CVE-2023-29352 [MEDIUM] Windows Remote Desktop Security Feature Bypass Vulnerability
FAQ: How could an attacker exploit this vulnerability?
An attacker could successfully exploit this vulnerability by creating a fraudulent .RDP file that would bypass certificate validation and warning prompts while establishing a remote desktop connection. This could create an opportunity for phishing.
FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An attacker who successfully exploited the vulnerability could bypass certificate or private key authentication when establishing a remote desktop protocol session.
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and
GHSA
GHSA-3837-c3j5-844h: Windows Remote Desktop Security Feature Bypass Vulnerability
ghsa_unreviewed·2023-06-14
CVE-2023-29352 [MEDIUM] GHSA-3837-c3j5-844h: Windows Remote Desktop Security Feature Bypass Vulnerability
No detection rules found.
No public exploits indexed.
Talos
Microsoft discloses 5 critical vulnerabilities in June's Patch Tuesday, no zero-days
blogs_talos·2023-06-13·CVSS 9.8
[CRITICAL] Microsoft discloses 5 critical vulnerabilities in June's Patch Tuesday, no zero-days
Microsoft released its monthly security update Tuesday, disclosing 69 vulnerabilities across its suite of products and software. Five of these vulnerabilities are considered to be critical, 45 of them are listed as being high severity, 17 of them are medium severity and two are of low severity.
For the first time in four months, none of the vulnerabilities Microsoft disclosed this Patch Tuesday have been exploited in the wild. June is also closer to an average month for Microsoft’s security update after only disclosing 40 vulnerabilities last month, which was nearly a three-year low.
Cisco Talos discovered two vulnerabilities in Microsoft Excel that the company patched Tuesday. These are important-severity remote code execution vulnerabilities that are triggered if the targeted user open