PatchSiren cyber security CVE debrief
CVE-2026-22858 FreeRDP CVE debrief
CVE-2026-22858 is a global-buffer-overflow vulnerability in FreeRDP's Base64 decoding path. The issue arises from implementation-defined char signedness, particularly on Arm/AArch64 builds where plain char is treated as unsigned. This leads to a potential out-of-bounds access when non-ASCII bytes are used as an index into a global lookup table. The vulnerability is fixed in FreeRDP version 3.20.1. Users should update to this version or later to mitigate the risk. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 5.6, indicating a medium severity level.
- Vendor: FreeRDP
- Product: Unknown
- CVSS: MEDIUM 5.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-14
- Original CVE updated: 2026-06-30
- Advisory published: 2026-01-14
- Advisory updated: 2026-06-30
Who should care
Organizations and individuals using FreeRDP for remote desktop connections should be aware of this vulnerability. Given the medium severity score of 5.6, it is recommended that users update to version 3.20.1 or later to prevent potential exploitation. This is particularly important for environments where remote access is common, as exploitation could lead to unauthorized access or data breaches.
Technical summary
The vulnerability in FreeRDP is caused by a global-buffer-overflow in the Base64 decoding path. This occurs because the char type is treated as unsigned on Arm/AArch64 architectures, allowing non-ASCII bytes (0x80-0xFF) to bypass intended range restrictions. These bytes can then be used as an index into a global lookup table, resulting in an out-of-bounds access. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X, reflecting a medium severity level.
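To make the root cause concrete, here is an added, illustrative table-driven Base64 decoder (not FreeRDP's code; the table layout and function names are assumptions) whose lookup is safe whether plain char is signed or unsigned, alongside a comment describing the non-portable pattern the debrief refers to:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Illustrative example, not FreeRDP's own code: a table-driven Base64 decoder
 * whose index computation is safe regardless of whether plain char is signed
 * or unsigned on the target (the root cause named in the debrief). */
static const char B64_ALPHABET[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* 128-entry map from ASCII code point to 6-bit value, or -1 if not in the alphabet. */
static int8_t b64_table[128];
static int b64_table_ready = 0;

static void b64_table_init(void)
{
    memset(b64_table, -1, sizeof b64_table);
    for (int i = 0; i < 64; i++)
        b64_table[(unsigned char)B64_ALPHABET[i]] = (int8_t)i;
    b64_table_ready = 1;
}

/* Non-portable pattern: `if (c < 0) return -1; return table[c];` on a plain
 * char. Where char is unsigned (e.g. AArch64) the check can never fire, so a
 * byte 0x80-0xFF indexes past the 128-entry table. Converting to unsigned
 * char first and checking the upper bound behaves the same on every ABI. */
int b64_value(char c)
{
    unsigned char u = (unsigned char)c;
    if (!b64_table_ready) b64_table_init();
    if (u >= sizeof b64_table) return -1;   /* rejects 0x80-0xFF on all targets */
    return b64_table[u];
}

/* Decode in_len bytes of Base64 (with or without '=' padding) into out.
 * Returns bytes written, or -1 on any invalid input byte or output overflow. */
long b64_decode(const char *in, size_t in_len, unsigned char *out, size_t out_cap)
{
    uint32_t acc = 0; int bits = 0; size_t n = 0;
    for (size_t i = 0; i < in_len; i++) {
        if (in[i] == '=') break;             /* padding marks end of data */
        int v = b64_value(in[i]);
        if (v < 0) return -1;
        acc = (acc << 6) | (uint32_t)v; bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (n >= out_cap) return -1;
            out[n++] = (unsigned char)(acc >> bits);
            acc &= (1u << bits) - 1;         /* keep only the leftover bits */
        }
    }
    return (long)n;
}
```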
Defensive priority
Given the medium severity of this vulnerability, defenders should prioritize updating FreeRDP to version 3.20.1 or later. This update will prevent potential exploitation of the global-buffer-overflow vulnerability in the Base64 decoding path.
Recommended defensive actions
- Update FreeRDP to version 3.20.1 or later.
- Review and apply additional security measures for remote desktop connections.
- Monitor for any suspicious activity related to remote desktop access.
- Ensure that all relevant systems and software are up-to-date with the latest security patches.
- Consider implementing additional security controls, such as multi-factor authentication, for remote access.
Evidence notes
The CVE-2026-22858 vulnerability details are based on information from the CVE.org record and the National Vulnerability Database (NVD). The vulnerability is caused by a global-buffer-overflow in FreeRDP's Base64 decoding path, which can lead to out-of-bounds access. The vulnerability is fixed in FreeRDP version 3.20.1.
Official resources
- CVE-2026-22858 CVE record (CVE.org)
- CVE-2026-22858 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Release Notes
- Mitigation or vendor reference: [email protected] - Exploit, Vendor Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.