Microsoft Remote Desktop Gateway Service Heap-Based Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A heap-based buffer overflow vulnerability has been identified in the Remote Desktop Gateway Service. This vulnerability allows an unauthorized attacker to execute code remotely over the network. It affects multiple versions of Windows Server and Windows 10, as well as the Remote Desktop client for Windows Desktop.

Impact

Exploitation of this vulnerability could lead to remote code execution on the affected system.

Reproduction

An attacker with control of a Remote Desktop Server can exploit this vulnerability. When a victim connects to the server using a vulnerable Remote Desktop Client, the attacker can execute code on the victim's machine.

Remediation

Users can apply the security update KB5058383 for Windows 10, KB5058385 for Windows Server 2022, and KB5058403 for Windows Server 2012 R2. For Windows 11, the security update KB5058411 is available. Instructions for downloading these updates can be found on the Microsoft Update Catalog.
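A check for the KB that the Remediation text assigns to a host's operating system, as an added example that is not part of the original advisory or any Microsoft tooling. The function names and state labels are hypothetical, the sample inputs are constructed, and the KB-to-OS mapping is copied from this page as written.

```powershell
# Added example. KB-to-OS mapping copied from the Remediation text on this page.
$KbByOs = [ordered]@{
    'Windows Server 2012 R2' = 'KB5058403'
    'Windows Server 2022'    = 'KB5058385'
    'Windows 11'             = 'KB5058411'
    'Windows 10'             = 'KB5058383'
}

# Hypothetical helper: return the KB this page lists for an OS caption, or $null.
function Get-RequiredKb {
    param([Parameter(Mandatory)][string]$OsCaption)
    foreach ($name in $KbByOs.Keys) {
        if ($OsCaption -like "*$name*") { return $KbByOs[$name] }
    }
    return $null   # OS is not covered by the list on this page
}

# Hypothetical helper: compare the required KB against a list of installed KB IDs.
function Test-PatchState {
    param(
        [Parameter(Mandatory)][string]$OsCaption,
        [string[]]$InstalledKb = @()
    )
    $kb = Get-RequiredKb -OsCaption $OsCaption
    if (-not $kb) {
        $state = 'NotListed'    # page names no update for this OS
    } elseif ($InstalledKb -contains $kb) {
        $state = 'Installed'
    } else {
        # NotFound is not proof of exposure: a later cumulative update
        # supersedes the listed KB and reports under its own KB ID.
        $state = 'NotFound'
    }
    [pscustomobject]@{ OS = $OsCaption; RequiredKB = $kb; State = $state }
}

# Constructed sample inputs (not real hosts) to exercise each outcome offline.
Test-PatchState -OsCaption 'Microsoft Windows Server 2022 Standard' -InstalledKb 'KB5058385'
Test-PatchState -OsCaption 'Microsoft Windows 10 Pro' -InstalledKb 'KB0000000'
Test-PatchState -OsCaption 'Microsoft Windows Server 2019 Standard'

# On a live Windows host, feed in the real caption and installed hotfix IDs.
if ($env:OS -eq 'Windows_NT') {
    $os = (Get-CimInstance -ClassName Win32_OperatingSystem).Caption
    Test-PatchState -OsCaption $os -InstalledKb (Get-HotFix).HotFixID
}
```

A host that reports NotFound should be checked against its current OS build and latest installed cumulative update before it is treated as unpatched.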

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.7
remediation: 0.0
relevance: 0.0
threat: 1.7
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.