This vulnerability could allow a MITM attack where user credentials are relayed and used to run code on the remote system against an RDP session. CredSSP (Credential Security Support Provider Protocol) is a security protocol that lets applications delegate user’s NTLM or kerbros credentials from clients to servers for remote authentication over TLS channel. Microsoft recently fixed RCE (Remote Code Execution) Vulnerability in CredSSP in March Updates of Windows.
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |