CVE-2026-32105
medium
Red Hat CVSS v3 Base Score
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.0%
Exploitation probability in 30 days
Top 87% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
High
Availability
None
Published: April 17, 2026 (26 days ago)
Last Modified: April 17, 2026
Vendor: Red Hat
Source: REDHAT
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in xrdp, an open-source Remote Desktop Protocol (RDP) server. When using the "Classic RDP Security" layer, xrdp fails to verify the Message Authentication Code (MAC) signature of encrypted RDP packets. This oversight allows an unauthenticated attacker with man-in-the-middle (MITM) capabilities to modify encrypted traffic as it travels between the client and server without being detected, compromising data integrity. This vulnerability does not affect connections where the Transport Layer Security (TLS) security layer is enforced.