CVE-2026-32107
Privilege Escalation in xrdp Session Execution Component
Publication date: 2026-04-17
Last updated on: 2026-04-27
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| neutrinolabs | xrdp | up to 0.10.6 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-273 | The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows an authenticated local attacker to escalate privileges to root and execute arbitrary code on the system due to improper privilege management in xrdp versions through 0.10.5.
Such a privilege escalation and potential unauthorized code execution could lead to unauthorized access to sensitive data or system controls, which may impact compliance with standards and regulations like GDPR and HIPAA that require strict access controls and protection of sensitive information.
However, the provided information does not explicitly describe the direct impact on compliance with these standards.
Can you explain this vulnerability to me?
This vulnerability exists in xrdp, an open source Remote Desktop Protocol (RDP) server. In versions up to 0.10.5, the component responsible for session execution did not correctly handle errors during the process of dropping privileges. This improper handling could allow an authenticated local attacker to escalate their privileges to root level and execute arbitrary code on the affected system.
To exploit this vulnerability, an attacker must already have local authentication access and would need an additional exploit to fully leverage the privilege escalation.
The issue has been fixed in version 0.10.6 of xrdp.
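The error class this record names (CWE-273, a privilege drop whose result is not checked), shown as an added example beside a checked version. This is not xrdp's code and not taken from the advisory: `priv_ops`, the `ok_*`/`fail_uid` stand-ins and both functions are hypothetical, and constructed stubs replace `setgroups`/`setgid`/`setuid`/`geteuid` so the failure path runs without root.

```c
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed stand-ins for setgroups/setgid/setuid/geteuid so the failure
 * path runs without root; real code would call the libc functions. */
struct priv_ops {
    int   (*set_groups)(size_t n, const gid_t *list);
    int   (*set_gid)(gid_t gid);
    int   (*set_uid)(uid_t uid);
    uid_t (*get_euid)(void);
};

static uid_t sim_euid = 0;                  /* simulated process starts as root */
static int   ok_groups(size_t n, const gid_t *l) { (void)n; (void)l; return 0; }
static int   ok_gid(gid_t g)   { (void)g; return 0; }
static int   ok_uid(uid_t u)   { sim_euid = u; return 0; }
static int   fail_uid(uid_t u) { (void)u; return -1; }  /* simulated setuid failure */
static uid_t cur_euid(void)    { return sim_euid; }

const struct priv_ops OPS_OK   = { ok_groups, ok_gid, ok_uid,   cur_euid };
const struct priv_ops OPS_FAIL = { ok_groups, ok_gid, fail_uid, cur_euid };

/* CWE-273 pattern: return values ignored, so a failed drop goes unnoticed. */
uid_t session_euid_unchecked(const struct priv_ops *ops, uid_t uid, gid_t gid)
{
    ops->set_groups(1, &gid);
    ops->set_gid(gid);
    ops->set_uid(uid);
    return ops->get_euid();                 /* identity the session would run as */
}

/* Hardened: groups and gid first, every call checked, result verified.
 * Returns 0 on a verified drop, -1 if the session must not be started. */
int drop_privileges(const struct priv_ops *ops, uid_t uid, gid_t gid)
{
    if (ops->set_groups(1, &gid) != 0) return -1;
    if (ops->set_gid(gid) != 0)        return -1;
    if (ops->set_uid(uid) != 0)        return -1;
    if (ops->get_euid() != uid)        return -1;  /* verify, do not assume */
    return 0;
}

int main(void)
{
    printf("unchecked: euid %u\n", (unsigned)session_euid_unchecked(&OPS_FAIL, 1000, 1000));
    printf("checked: drop returned %d\n", drop_privileges(&OPS_FAIL, 1000, 1000));
}
```

On a -1 return the caller should exit the child process instead of continuing to start the session.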
How can this vulnerability impact me?
If exploited, this vulnerability can allow an authenticated local attacker to gain root privileges on the system running xrdp. This means the attacker could execute arbitrary code with the highest level of system permissions.
Such an escalation could lead to full system compromise, including unauthorized access to sensitive data, modification or deletion of files, installation of malicious software, and disruption of system operations.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade xrdp to version 0.10.6 or later, where the issue has been fixed.