Back to overview

CVE-2026-57157

MEDIUM
6.5
CVSS 3.1
Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in channels/rdpecam/server/camera_device_enumerator_main.c and then dereference once past the scan bound, allowing a malicious RDP client to trigger a 1- to 2-byte out-of-bounds heap read. This issue is fixed in version 3.28.0.

Metadata

CVE ID
CVE-2026-57157
State
PUBLISHED
Assigner
GitHub_M
Reserved
2026-06-24 01:45 UTC
Published
2026-07-10 19:51 UTC
Last updated
2026-07-10 20:57 UTC
Primary CWE
CWE-125
CWE-125: Out-of-bounds Read
Vendor / Product
FreeRDP / FreeRDP
Sources
cve.org  ·  NVD

Severity & Metrics

6.5 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
FreeRDP FreeRDP < 3.28.0
Weakness (CWE)
CWESourceDescription
CWE-125 cna CWE-125: Out-of-bounds Read
CVSS scores (1)
ScoreSeverityVersionSourceVector
6.5 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
References (6)
Back to overview