CVE-2025-68118: Out-of-bounds Read in FreeRDP

CWE-125: Out-of-bounds Read (4 documents, 4 sources)

Severity: 6.6 MEDIUM (NVD)
EPSS: 0.1% (top 79.24%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 17

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP's certificate handling code on Windows platforms. The function `freerdp_certificate_data_hash_` uses the Microsoft-specific `_snprintf` function to format certificate cache filenames without guaranteeing NUL termination when truncation occurs. According to Microsoft documentation, `_snprintf` does not append a terminating NUL byte if the formatted output exceeds the destina
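As an added illustration (not FreeRDP's code, and it emulates the `_snprintf` contract rather than calling the Windows function so it runs anywhere), the truncating formatter is shown beside a hardened version that uses C99 `snprintf` and checks its return value. The directory, hash and `<dir>/<hash>.pem` layout are constructed assumptions, not FreeRDP's real cache naming.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample inputs; "<dir>/<hash>.pem" is an assumed layout for this
 * illustration, not FreeRDP's real cache file naming. */
#define SAMPLE_DIR  "/tmp/certcache"
#define SAMPLE_HASH "0123456789abcdef"

/* Emulates the MSVC _snprintf contract on any platform: when the text does not
 * fit, the buffer is filled completely and NO terminating NUL is written. */
static int msvc_like_snprintf(char *buf, size_t size, const char *dir, const char *hash) {
    char tmp[512];
    int n = snprintf(tmp, sizeof tmp, "%s/%s.pem", dir, hash);
    if (n < 0) return -1;
    if ((size_t)n < size) { memcpy(buf, tmp, (size_t)n + 1); return n; } /* fits, NUL too */
    memcpy(buf, tmp, size); /* truncated: text only, no terminator at all */
    return -1;
}

/* Hardened form: C99 snprintf always NUL-terminates, and its return value
 * reveals truncation, so a cut-off filename is rejected rather than used. */
static bool build_cache_filename(char *buf, size_t size, const char *dir, const char *hash) {
    int n = snprintf(buf, size, "%s/%s.pem", dir, hash);
    if (n < 0 || (size_t)n >= size) { buf[0] = '\0'; return false; } /* no partial path */
    return true;
}

/* True if a NUL exists in the first 'size' bytes; strlen() or fopen() on a
 * buffer where this is false reads past its end, the CWE-125 condition here. */
static bool has_terminator(const char *buf, size_t size) {
    return memchr(buf, '\0', size) != NULL;
}

/* Three scenarios on the sample name; a 16-byte buffer is too small for it. */
bool unsafe_leaves_no_nul(void) {
    char buf[16];
    return msvc_like_snprintf(buf, sizeof buf, SAMPLE_DIR, SAMPLE_HASH) < 0 && !has_terminator(buf, sizeof buf);
}

bool hardened_rejects_and_terminates(void) {
    char buf[16];
    return !build_cache_filename(buf, sizeof buf, SAMPLE_DIR, SAMPLE_HASH) && has_terminator(buf, sizeof buf);
}

bool hardened_formats_when_it_fits(void) {
    char buf[128];
    return build_cache_filename(buf, sizeof buf, SAMPLE_DIR, SAMPLE_HASH) && strcmp(buf, SAMPLE_DIR "/" SAMPLE_HASH ".pem") == 0;
}
```

The unterminated buffer is never passed to a string function here on purpose: doing so is exactly the out-of-bounds read the advisory describes.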

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages (2 packages)

NVD: freerdp/freerdp < 3.20.0

Patches

Vulnerability Details (1)

OSV: CVE-2025-68118: FreeRDP is a free implementation of the Remote Desktop Protocol (2025-12-17)

Vendor Advisories (1)

Debian: CVE-2025-68118: freerdp3 - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio... (2025)

Threat Intelligence (1)

Wiz: CVE-2025-68118 Impact, Exploitability, and Mitigation Steps | Wiz