CVE-2026-33952 MEDIUM

CVE-2026-33952: FreeRDP: DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks

Vendor Freerdp
Product FreeRDP
Weakness CWE-617
Published March 30, 2026
Last update April 2, 2026

CVSS base score

6.0/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated auth_length field read from the network triggers a WINPR_ASSERT() failure in rts_read_auth_verifier_no_checks(), causing any FreeRDP client connecting through a malicious RDP Gateway to crash with SIGABRT. This is a pre-authentication denial of service affecting all FreeRDP clients using RPC-over-HTTP gateway transport. The assertion is active in default release builds (WITH_VERBOSE_WINPR_ASSERT=ON). This issue has been patched in version 3.24.2.

Key dates

02Disclosure timeline

March 30, 2026 CVE published
April 2, 2026 Record updated