top of page
perceptive_background_267k.jpg

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop proces…

Published:

16 april 2026 om 22:00:00

Alert date:

17 april 2026 om 21:03:48

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems, Network Infrastructure

xrdp, an open source RDP server, contains a privilege escalation vulnerability in versions through 0.10.5. The session execution component improperly handles errors during the privilege drop process, allowing authenticated local attackers to escalate privileges to root and execute arbitrary code. An additional exploit would be needed to facilitate this attack. The vulnerability has been fixed in version 0.10.6.

Technical details

Mitigation steps:

Affected products:

xrdp

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-32107
https://github.com/neutrinolabs/xrdp/releases/tag/v0.10.6
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-p5m6-7m43-pjv9

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page