Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.09694
Percentile: 0.9256

CVSS Scoring

Affected Products

• cpe:2.3:a:microsoft:remote_desktop_connection:5.1.2600.2180:*:windows_xp:*:*:*:*:*
• cpe:2.3:a:microsoft:windows_terminal_services_using_rdp:5.2:*:*:*:*:*:*:*

← Back to Home