CVSS 3.1 Score 5.3 of 10 (medium)


Published Aug 31, 2023
Updated: Jan 12, 2024
CWE ID 125


The vulnerability with the CVE ID CVE-2023-40188 affects FreeRDP, which is a free implementation of the Remote Desktop Protocol (RDP). The vulnerability is related to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This issue can lead to errors or crashes due to insufficient data processing on the `in` variable. The vulnerability has been addressed in versions 2.11.0 and 3.0.0-beta3, and users are advised to upgrade to these versions. There are no known workarounds for this vulnerability. The potential danger it poses to organizations is rated as medium severity with a base score of 5.3 according to the CVSS 3.1 scoring system, indicating that it could be exploited remotely without requiring user interaction and may impact availability of the system.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-40188 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options