Windows Remote Desktop Licensing Service RCE

ISGroup Cybersecurity

The Windows Remote Desktop Licensing (RDL) service has a vulnerability identified as CVE-2024-38077, which allows attackers to exploit a buffer overflow to execute arbitrary code. This vulnerability affects Windows Server versions from 2000 to 2025. By exploiting this flaw, an attacker can execute code within the context of the RDL service, with the potential to completely compromise the system.

Productmsrpc
Date2024-08-12 16:43:34

Technical Summary

The Windows Remote Desktop Licensing (RDL) service is vulnerable to CVE-2024-38077, allowing attackers to exploit a buffer overflow to achieve arbitrary code execution. This vulnerability affects Windows Server versions from 2000 up to 2025. By exploiting this flaw, an attacker can execute code in the context of the RDL service, potentially leading to a complete system compromise.

[Callforaction-THREAT-Footer]