CVE-2022-26940
Published: 10 May 2022
Summary
CVE-2022-26940 is a medium-severity vulnerability of unspecified weakness type in Microsoft Windows 11. Its CVSS base score is 6.5 (Medium).
Operationally, it ranks in the top 5.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2022-26940 is an information disclosure vulnerability affecting the Remote Desktop Protocol (RDP) client component in Microsoft Windows. It carries a CVSS 3.1 base score of 6.5 with the vector string AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating that sensitive data can be exposed without user interaction when the client connects to a remote endpoint.
An attacker who can position themselves as the RDP server (or intercept the session) may exploit the flaw over the network with only low privileges. Successful exploitation allows the attacker to obtain confidential information from the client system while leaving integrity and availability unaffected.
Microsoft has published security guidance and an update catalog entry for CVE-2022-26940 at the referenced MSRC URLs. The EPSS score has remained flat at 0.1635 since disclosure, providing no indication of rising exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-31485
Vulnerability details
Remote Desktop Protocol Client Information Disclosure Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.