Philemon Orphee Favrod

Name of the Vulnerable Software and Affected Versions: Remote Desktop Server (affected versions not specified) Description: The Remote Desktop Server is susceptible to a missing authorization flaw, potentially enabling an unauthorized attacker to conduct spoofing attacks over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Remote Desktop Client (affected versions not specified) Description: The issue is related to insufficient UI warnings for dangerous operations in Remote Desktop Client, allowing an unauthorized attacker to perform spoofing over a network. This can lead to unauthorized actions being taken without the user's knowledge or consent. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Licensing Service (affected versions not specified) Description: The issue concerns missing authentication for a critical function in the Windows Remote Desktop Licensing Service, allowing an unauthorized attacker to bypass a security feature over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Remote Desktop Client (affected versions not specified) Description: A heap-based buffer overflow issue in Remote Desktop Client allows an authorized attacker to execute code over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: A tampering issue affects the Windows Remote Desktop Configuration Service, allowing attackers to impact the system. Recommendations: For versions prior to the fixed version, update to the fixed version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services (affected versions not specified) Description: The issue is related to a tampering vulnerability in Windows Remote Desktop Services, which can be exploited by a remote attacker to bypass existing security restrictions. The vulnerability is actively exploited in the wild. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to a security feature bypass in the implementation of the Remote Desktop Protocol (RDP) in the Windows operating system, associated with insufficient access restrictions. This can allow a remote attacker to bypass existing security restrictions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.