BullWall Server Intrusion Protection RDP Connection Delay Vulnerability Allowing Detection Bypass

Vulnerability

A vulnerability exists in BullWall Server Intrusion Protection due to a significant delay before the multi-factor authentication (MFA) check when connecting via Remote Desktop Protocol (RDP). This delay creates a window of opportunity for remote authenticated attackers with administrative privileges to potentially bypass detection. The issue has been confirmed in versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4, with the possibility that other versions before and after may also be affected.

Impact

Exploitation of this vulnerability could lead to a bypass of intrusion detection mechanisms, allowing malicious activities to go undetected during the MFA delay window.

Added: Dec 18, 2025, 9:23 PM

Updated: Dec 18, 2025, 9:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

0.0

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

0.0

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BullWall Server Intrusion Protection RDP Connection Delay Vulnerability Allowing Detection Bypass

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating