CyberArk researchers have disclosed a Windows Remote Desktop Protocol (RDP) vulnerability tracked as CVE-2022-21893. In their words: “This vulnerability enables any standard unprivileged user connected to a remote machine via remote desktop to gain file system access to the client machines of other connected users, to view and modify clipboard data of other connected users, and to impersonate the identity of other users logged on to the machine using smart cards. This could lead to data privacy issues, lateral movement and privilege escalation.” According to CyberArk, the flaw is present in current versions of Windows and dates back to Windows Server 2012 R2, so most supported Windows releases, both client and server editions, should be assumed affected. The practical precondition is a shared RDP host: the attacker needs only an ordinary, non-administrative session on a machine where other users are connected at the same time, and the exposed data lives on those users' client side (their redirected drives, clipboard and smart cards), not on the host. CyberArk reported the vulnerability to Microsoft, which has released a fix in its latest security update; installing that update is the remediation.
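The post does not describe any mitigation beyond the Microsoft update, and it does not explain the underlying mechanism. What an administrator of a shared RDP host can check independently is whether the three redirection features named in CyberArk's impact statement (drive, clipboard and smart card redirection) are even enabled by policy, and who is currently sharing the host. The following PowerShell is an added example written for this page, not code from CyberArk, Microsoft or the original post. The registry value names are the standard Terminal Services policy values; the assumption that switching them off narrows the exposure quoted above (at the cost of losing those features) is this example's own, and it is not a substitute for installing the patch.

```powershell
# Added example (not from the original post, CyberArk or Microsoft):
# audit the RDP device-redirection policy on a session host and list who is
# connected. Run elevated on the RDP host.

# Standard Terminal Services policy key; values are absent when the policy
# is "Not configured", in which case Windows allows the redirection.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Each entry: policy value name, the value that disables the feature, label.
# (fDisableCdm/fDisableClip disable when 1; fEnableSmartCard disables when 0.)
$checks = @(
    @{ Name = 'fDisableCdm';      DisabledValue = 1; Label = 'Drive redirection (\\tsclient)' }
    @{ Name = 'fDisableClip';     DisabledValue = 1; Label = 'Clipboard redirection' }
    @{ Name = 'fEnableSmartCard'; DisabledValue = 0; Label = 'Smart card device redirection' }
)

function Get-RdpRedirectionPolicy {
    foreach ($c in $checks) {
        # -ErrorAction SilentlyContinue returns $null when key or value is missing
        $item = Get-ItemProperty -Path $policyKey -Name $c.Name -ErrorAction SilentlyContinue
        $current = if ($null -ne $item) { $item.($c.Name) } else { $null }

        [pscustomobject]@{
            Setting    = $c.Label
            ValueName  = $c.Name
            Configured = if ($null -eq $current) { 'not set (default: allowed)' } else { $current }
            Disabled   = ($null -ne $current -and $current -eq $c.DisabledValue)
        }
    }
}

# 1. Which redirection channels are still open on this host?
Get-RdpRedirectionPolicy | Format-Table -AutoSize

# 2. Who shares the host right now? The quoted impact only matters when more
#    than one user is connected at the same time.
query session
```

Any row with `Disabled` set to `False` is a channel that an unprivileged co-tenant of the host could, per the quoted impact statement, reach on the affected builds. Disabling drive, clipboard and smart card redirection through these policies (or the matching Group Policy settings under Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection) removes those channels for all sessions, so treat it as a stop-gap for hosts that cannot be patched immediately rather than as the fix.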
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.