FreeRDP

Cisco's Talos team has discovered multiple vulnerabilities within the open source remote desktop tool, FreeRDP. Exploitation of these vulnerabilities could result in denial-of-service conditions or remote code execution. The NJCCIC recommends users and administrators of FreeRDP review the associated Cisco Talos Vulnerability Spotlight and implement the recommended Snort Rules to detect exploitation attempts. Users and administrators may also want to consider discontinuing the use of FreeRDP unless and until a patch addressing these vulnerabilities is released. As always, the NJCCIC strongly recommends disabling remote access tools and closing associated ports if they are unneeded in your network environment. Necessary remote access implementations should be accompanied by the use of a VPN and multi-factor authentication.