PatchSiren cyber security CVE debrief

CVE-2026-23534 FreeRDP CVE debrief

CVE-2026-23534 is a high-severity vulnerability in FreeRDP, a free implementation of the Remote Desktop Protocol. Crafted band coordinates allow writes past the end of the destination surface buffer, so a malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue; users should update to version 3.21.0 or later to mitigate this vulnerability. Defenders should additionally monitor for suspicious activity and implement compensating controls to reduce the attack surface.

Vendor: FreeRDP
Product: Unknown
CVSS: HIGH 7.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-01-19
Original CVE updated: 2026-06-30
Advisory published: 2026-01-19
Advisory updated: 2026-06-30

Who should care

Organizations using FreeRDP should prioritize updating to version 3.21.0 or later; the CVSS score of 7.7 (High) indicates a significant risk to affected systems. Defenders should also monitor for suspicious activity and implement compensating controls to reduce the attack surface.

Technical summary

The vulnerability occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. The vulnerability is patched in version 3.21.0. The CVSS 4.0 vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X, which describes a network-reachable flaw needing no privileges or user interaction, with the scored impact on the availability of the vulnerable system.
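The root cause described above is a missing bounds check between decoded band coordinates and the destination surface. The following is an added illustration, not FreeRDP's code: the band and surface types, their field names, and the sample surface are all assumptions, and the check shows the off-by-one edge case (a coordinate equal to the width or height) that a naive comparison lets through.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical band and surface types; names and layout are assumptions,
 * not FreeRDP's own structures. Coordinates are inclusive pixel indices. */
typedef struct { uint16_t xStart, xEnd, yStart, yEnd; } band_t;
typedef struct { uint8_t *pixels; uint32_t width, height; } surface_t;

/* The check that must run before any write: every pixel the band covers
 * has to lie inside the destination surface. Compared in 32-bit so a
 * 16-bit coordinate cannot wrap; xEnd == width is already out of range. */
bool band_in_bounds(const band_t *b, const surface_t *s)
{
    if (b->xEnd < b->xStart || b->yEnd < b->yStart) return false;
    return (uint32_t)b->xEnd < s->width && (uint32_t)b->yEnd < s->height;
}

/* Hardened fill: rejects an out-of-range band (returns -1) instead of
 * writing past the end of the pixel buffer (4 bytes per pixel). */
int fill_band_checked(surface_t *s, const band_t *b, uint32_t color)
{
    if (!band_in_bounds(b, s)) return -1;
    for (uint32_t y = b->yStart; y <= b->yEnd; y++)
        for (uint32_t x = b->xStart; x <= b->xEnd; x++)
            memcpy(s->pixels + ((size_t)y * s->width + x) * 4, &color, 4);
    return 0;
}

/* Constructed sample: an 8x4 surface and three bands, two of them one pixel
 * past an edge. Returns the number rejected (expected 2), or -1 on error. */
int run_sample(void)
{
    uint8_t buf[8 * 4 * 4] = {0};
    surface_t s = { buf, 8, 4 };
    band_t bands[3] = { {0, 7, 0, 3}, {0, 8, 0, 3}, {0, 7, 0, 4} };
    int rejected = 0;
    for (int i = 0; i < 3; i++)
        if (fill_band_checked(&s, &bands[i], 0x00FF0000u) != 0) rejected++;
    uint32_t last; /* pixel (7,3) must have been written by the valid band */
    memcpy(&last, s.pixels + ((size_t)3 * 8 + 7) * 4, 4);
    if (last != 0x00FF0000u) rejected = -1;
    return rejected;
}
```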

Defensive priority

High priority should be given to updating to version 3.21.0 or later. Defenders should also monitor for suspicious activity and implement compensating controls to reduce the attack surface.

Recommended defensive actions

  • Update to version 3.21.0 or later
  • Monitor for suspicious activity
  • Implement compensating controls to reduce the attack surface
  • Review and update incident response plans
  • Conduct vulnerability scanning and patch management

Evidence notes

The vulnerability is documented in the CVE record and NVD detail pages. Additional information can be found in the FreeRDP GitHub repository and release notes. Red Hat has also published errata related to this vulnerability.

Official resources

This article is AI-assisted and based on the supplied source corpus.