RDP MAC Vulnerability: Unencrypted Sessions in Microsoft Windows

RDP MAC Vulnerability: Unencrypted Sessions in Microsoft Windows

CVE-2014-0296 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka "RDP MAC Vulnerability."

Learn more about our Cis Benchmark Audit For Desktop Software.