← voltar
CVE-2026-22852

FreeRDP has a heap-buffer-overflow in audin_process_formats

CVSS 6.8 MEDIUMEPSS 0.4%CWE-787
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.8EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
14 jan 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Produtos afetados
FreeRDP · FreeRDP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4