Headline
CVE-2022-21851: Remote Desktop Client Remote Code Execution Vulnerability
What is required to exploit this vulnerability?
An authenticated user might be tricked into connecting to a malicious remote desktop server in which the remote desktop host server sends a specially crafted PDU (Server RDP Preconnection) targeting the remote client’s drive redirection virtual channel. The end result is a potential for remote code execution on the victims machine.