CVE-2026-23732

7.5 HIGH

📋 TL;DR

FreeRDP clients prior to version 3.21.0 contain a buffer overflow vulnerability in FastGlyph parsing. A malicious RDP server can exploit this to cause a denial-of-service (client crash) by sending specially crafted packets. All FreeRDP client users connecting to untrusted servers are affected.

💻 Affected Systems

Products:
  • FreeRDP
Versions: All versions prior to 3.21.0
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Any system using FreeRDP client to connect to RDP servers is vulnerable

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to full client compromise, though CVSS suggests DoS is the primary impact

🟠 Likely Case: Client crash/denial-of-service when connecting to a malicious server

🟢 If Mitigated: No impact if the patched version is used or connections are restricted to trusted servers

🌐 Internet-Facing: MEDIUM - Requires client to connect to malicious server, but RDP clients often connect to various servers
🏢 Internal Only: LOW - Internal RDP servers are typically trusted, reducing attack surface

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires client to connect to malicious server; server-side control needed

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.21.0

Vendor Advisory: https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0

Restart Required: Yes

Instructions:

1. Download FreeRDP 3.21.0 or newer from official repository
2. Compile and install following platform-specific build instructions
3. Restart any FreeRDP client applications

🔧 Temporary Workarounds

Restrict RDP Connections (applies to: all platforms)

Only allow FreeRDP connections to trusted, internal RDP servers

🧯 If You Can't Patch

  • Discontinue use of FreeRDP for connecting to untrusted RDP servers
  • Use alternative RDP client software that is not vulnerable

🔍 How to Verify

Check if Vulnerable:

Check the installed FreeRDP version with 'xfreerdp --version' (or the equivalent command for your platform's client binary)

Check Version:

xfreerdp --version

Verify Fix Applied:

Verify version is 3.21.0 or higher after update
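The version check above can be scripted for fleet-wide verification. The following is an added example, not part of the advisory or of the FreeRDP project: it parses the client's version banner, compares it against the 3.21.0 fix release, and optionally runs the locally installed binary. It assumes the banner contains the text "FreeRDP version X.Y.Z"; the sample banners are constructed for illustration.

```python
import re
import shutil
import subprocess

# First fixed release named in the advisory.
FIXED_VERSION = (3, 21, 0)

# Constructed sample banners (assumption: the client prints a line containing
# "FreeRDP version X.Y.Z"; the trailing build tag varies by packaging).
SAMPLE_OLD = "This is FreeRDP version 3.20.1 (n/a)"
SAMPLE_FIXED = "This is FreeRDP version 3.21.0 (n/a)"

_VERSION_RE = re.compile(r"FreeRDP version (\d+)\.(\d+)\.(\d+)")


def parse_version(banner: str):
    """Return (major, minor, patch) parsed from a version banner, or None.

    Any suffix after the numeric triple (e.g. '-dev', a build hash) is ignored.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version) -> bool:
    """True when the parsed version predates the fixed release."""
    return tuple(version) < FIXED_VERSION


def check_installed(binary: str = "xfreerdp") -> dict:
    """Locate the client binary, run '<binary> --version', and classify it.

    Returns a dict describing what was found so callers can act on it
    (e.g. feed the result into an inventory or ticketing system).
    """
    path = shutil.which(binary)
    if path is None:
        return {"found": False, "binary": binary}
    proc = subprocess.run([path, "--version"], capture_output=True, text=True)
    banner = proc.stdout + proc.stderr
    version = parse_version(banner)
    if version is None:
        return {"found": True, "parsed": False, "banner": banner.strip()}
    return {
        "found": True,
        "parsed": True,
        "version": ".".join(map(str, version)),
        "vulnerable": is_vulnerable(version),
    }


if __name__ == "__main__":
    # Demonstrate the parser on the constructed banners, then check this host.
    for banner in (SAMPLE_OLD, SAMPLE_FIXED):
        v = parse_version(banner)
        print(banner, "->", "VULNERABLE" if is_vulnerable(v) else "fixed")
    print(check_installed())
```

One caveat on the comparison: a development build that reports "3.21.0-dev" parses as 3.21.0 and is classified as fixed even though it predates the tagged release, so treat pre-release suffixes as a reason to confirm the build's commit against the release rather than trusting the number alone.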

📡 Detection & Monitoring

Log Indicators:

  • FreeRDP client crashes with segmentation faults
  • Unexpected termination of RDP sessions

Network Indicators:

  • RDP connections to unknown/untrusted servers
  • Unusual RDP traffic patterns

SIEM Query:

source="freerdp" AND (event="crash" OR event="segmentation_fault")
