Ashley Newson

**Name of the Vulnerable Software and Affected Versions** xrdp-sesman versions prior to 0.9.13.1 **Description** The issue is related to a buffer overflow attack that can crash the xrdp-sesman service by connecting over port 3350 and supplying a malicious payload. Once the service is down, an unprivileged attacker can start an imposter sesman service, allowing them to capture user credentials submitted to XRDP, approve or reject arbitrary login credentials, and potentially hijack existing xorgxrdp sessions. This may also pose a risk of arbitrary code execution. **Recommendations** For versions prior to 0.9.13.1, update to version 0.9.13.1 or later to resolve the issue. As a temporary workaround, consider restricting access to port 3350 to minimize the risk of exploitation.