8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.3%
Severity: Medium
Date : 2021-10-29
CVE-ID : CVE-2021-41159 CVE-2021-41160
Package : freerdp
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-2488
The package freerdp before version 2:2.4.1-1 is vulnerable to arbitrary
code execution.
Upgrade to 2:2.4.1-1.
The problems have been fixed upstream in version 2.4.1.
CVE-2021-41159 can be mitigated by using a /gt:http connection or a
direct connection without gateway. No known mitigation exists for
CVE-2021-41160.
A security issue has been found in FreeRDP before version 2.4.1.
Improper client input validation for gateway connections (/gt:rpc)
allows a malicious gateway to overwrite client memory.
A security issue has been found in FreeRDP before version 2.4.1. A
malicious server might trigger out of bound writes in a connected
client.
Connections using GDI or SurfaceCommands to send graphics updates to
the client might send 0 width/height or out of bound rectangles to
trigger out of bound writes. With 0 width or heigth the memory
allocation will be 0 but the missing bounds checks allow writing to the
pointer at this (not allocated) region.
A malicious RDP server or gateway could cause remote code execution on
a connected client.
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vh34-m9h7-95xq
https://github.com/FreeRDP/FreeRDP/commit/07b789c88010766c230c8f10ac748523b86e9305
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg
https://github.com/FreeRDP/FreeRDP/commit/217e0caa181fc1690cf84dd6a3ba1a4f90c02692
https://security.archlinux.org/CVE-2021-41159
https://security.archlinux.org/CVE-2021-41160
github.com/FreeRDP/FreeRDP/commit/07b789c88010766c230c8f10ac748523b86e9305
github.com/FreeRDP/FreeRDP/commit/217e0caa181fc1690cf84dd6a3ba1a4f90c02692
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vh34-m9h7-95xq
security.archlinux.org/AVG-2488
security.archlinux.org/CVE-2021-41159
security.archlinux.org/CVE-2021-41160
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.3%