CVE-2026-40398 Windows Remote Desktop Services Elevation of Privilege Vulnerability

...

CVE-2026-40398

CVE-2026-40398 is a heap-based buffer overflow in Windows Remote Desktop Services that allows an authenticated attacker to perform local privilege escalation. The description across sources consistently identifies a local, authenticated exploit path with a high impact (C/H/I/A: High) and a CVSS v...

CVE-2026-40398 Windows Remote Desktop Services Elevation of Privilege Vulnerability

...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to gai...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to car...

Security information for Hitachi Disk Array Systems

Overview CVE-2026-20846 | GDI+ Denial of Service Vulnerability CVE-2026-21222 | Windows Kernel Information Disclosure Vulnerability CVE-2026-21231 | Windows Kernel Elevation of Privilege Vulnerability CVE-2026-21234 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability...

March "In the Trend of VM" (#25): once again, vulnerabilities are only in Microsoft products

March "In the Trend of VM" 25: once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor. 🗞 Post on Habr rus...

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. Zero-day 1 this month is CVE-2026-21510, a security feature...

CVE-2026-21533

CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to gai...

KLA90878 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface, obtain sensitive information, cause denial of service. Below is a...

CVE-2010-0064

DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users...

CVE-2025-60703

Technical details about CVE-2025-60703 are not provided in the initial or connected documents. Monitor for updates as more specifics (affected product/version, root cause, mitigations) may be published.

CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability

...

CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability

...

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a collection of features from Microsoft Corporation USA that allow users to remotely access graphical desktops and Windows applications. A security vulnerability exists in Microsoft Windows Remote Desktop Services. An attacker could exploit the...

KLA90057 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code, read local files, cause denial of service. Below is a...

CVE-2025-59202

Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally...