CVE-2025-68118
CVE-2025-68118 - VulnCheck: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior
📅 2025-12-17
🔴 Critical 🔥 No VulnCheck Exploit Windows CVSS 9.1

📋 Full description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP's certificate handling code on Windows platforms. The function `freerdp_certificate_data_hash_` uses the Microsoft-specific `_snprintf` function to format certificate cache filenames without guaranteeing NUL termination when truncation occurs. According to Microsoft documen

💻 Affected systems

Microsoft Windows

⚠️ Threat type

Exploit

🔗 CVE ID

CVE-2025-68118

📡 Source

VulnCheck

✅ Solutions and mitigation

Update to v3.20.0
