CVE-2020-4030 LOW

CVE-2020-4030: OOB read in `TrioParse` in FreeRDP

Vendor Freerdp
Product FreeRDP
Weakness CWE-125
Published June 22, 2020
Last update August 4, 2024

CVSS base score

3.5/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

What the vulnerability does

01Description

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

Key dates

02Disclosure timeline

June 22, 2020 CVE published
August 4, 2024 Record updated