Описание
Remote Desktop Spoofing Vulnerability
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.
FAQ
According to the CVSS metric, user interaction is required (UI:R). What does that mean for this vulnerability?
An attacker must trick the user into interacting with a spoofed WebAuthn prompt and entering their credentials.
According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?
An unauthorized attacker must wait for a user to initiate a connection.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 11 Version 22H2 for ARM64-based Systems | ||
| Windows 11 Version 22H2 for x64-based Systems | ||
| Windows 11 Version 23H2 for ARM64-based Systems | ||
| Windows 11 Version 23H2 for x64-based Systems | ||
| Windows 11 Version 24H2 for ARM64-based Systems | ||
| Windows 11 Version 24H2 for x64-based Systems | ||
| Windows Server 2025 | ||
| Windows Server 2025 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8.1 High
CVSS3
Связанные уязвимости
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.
Уязвимость клиента удаленного рабочего стола Remote Desktop Client операционных систем Microsoft Windows, позволяющая нарушителю проводить спуфинг атаки
EPSS
8.1 High
CVSS3