Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft
Earlier this week, Microsoft issued a fix for a vulnerability that allows remote, unprivileged attackers to abuse Remote Desktop Protocol (RDP) from inside Windows devices. The flaw could allow attackers to hijack smart cards and gain unauthorized access to file systems. The bug, which is tracked as CVE-2022-21893, could lead to data-privacy issues, lateral movement, and privilege escalation. In addition, insider attackers could view and modify clipboard data, impersonate other logged-in users and perform other malicious functions. The vulnerability was fixed amid a massive Patch Tuesday after CyberArk discovered the bug in Windows Remote Desktop Services.
The vulnerability, according to security researchers, dates back to at least Windows Server 2012 R2. CyberArk found that even the latest versions of Windows, including client and server editions, are also affected by the vulnerability. Therefore, the vulnerability is widespread. Even worse, security researchers confirmed that it’s easy to exploit. The vulnerability was given a criticality rating of 7.7 out of 10.