CVE-2025-68670: discovering an RCE vulnerability in xrdp
During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project maintainers promptly patched the vulnerability.
ORIGINAL SOURCE →via Kaspersky Securelist
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
- [CYBER] Signed Logitech Installer Abused to Drop TCLBANKER Banking Trojan
- [CYBER] Ransomware Group Takes Credit for Trellix Hack
- [CYBER] Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
- [CYBER] New Linux 'Dirty Frag' zero-day gives root on all major distros
- [CYBER] Around 200 foreigners detained over suspected online scam operation, say Batam authorities