CVE-2024-21307

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Remote Desktop Client versions prior to 1.2.5105

Description The issue is related to errors in synchronization when using a shared resource in the Remote Desktop Protocol (RDP) of the Windows operating system. This can allow a remote attacker to execute arbitrary code.

Recommendations For versions prior to 1.2.5105, update to version 1.2.5105 or later to resolve the issue. As a temporary workaround, consider restricting access to the Remote Desktop Protocol to minimize the risk of exploitation.

Fix

RCE

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

BDU:2024-00465

CVE-2024-21307

Affected Products

Remote Desktop Client

Windows

CVE-2024-21307

Weakness Enumeration

Related Identifiers

Affected Products

References · 8