Security News > 2019 > June > Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions

Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions
2019-06-04 19:18

A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), the flaw exists


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/vuH4b8lQvn0/rdp-windows-lock-screen.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2019-9510 Improper Handling of Exceptional Conditions vulnerability in Microsoft Windows 10 and Windows Server 2019
A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen.
local
low complexity
microsoft CWE-755
7.8
7.8