CVE-2026-57979
Received Received - Intake

Out-of-Bounds Read in Windows Remote Desktop

Vulnerability report for CVE-2026-57979, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Microsoft Corporation

Description

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
microsoft windows_rdp *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57979 is an out-of-bounds read vulnerability in Windows Remote Desktop Protocol (RDP). This flaw allows an unauthorized attacker to read data beyond the intended boundaries of memory, which can lead to the disclosure of sensitive information over a network.

The vulnerability is triggered when an attacker sends specially crafted input to a vulnerable RDP server or client, causing the system to read memory outside the allocated buffer. This can expose confidential data without requiring any privileges or user interaction beyond accessing the network.

Impact Analysis

This vulnerability can impact you in several ways:

  • Information disclosure: An attacker could access sensitive data stored in memory, such as credentials, personal information, or other confidential details.
  • Network-based exploitation: Since the attack is conducted over a network, an attacker does not need physical access to your system to exploit the vulnerability.
  • Potential for further attacks: The disclosed information could be used to facilitate additional attacks, such as privilege escalation or lateral movement within a network.

The CVSS score of 6.5 indicates a medium severity, with a high impact on confidentiality but no impact on integrity or availability.

Compliance Impact

This vulnerability can affect compliance with several standards and regulations, depending on the data exposed:

  • GDPR: If the disclosed information includes personal data of EU citizens, this could constitute a data breach under GDPR. Organizations may be required to report the incident and could face fines if they failed to implement adequate security measures.
  • HIPAA: If the exposed data includes protected health information (PHI), this could violate HIPAA regulations. Covered entities and business associates may need to report the breach and could be subject to penalties.
  • Other regulations: Depending on the industry, this vulnerability could also impact compliance with standards like PCI DSS (if payment data is exposed) or sector-specific regulations.

Organizations should assess the type of data at risk and their obligations under relevant regulations to determine the compliance impact.

Detection Guidance

The provided context does not include specific detection methods or commands for identifying CVE-2026-57979 on a network or system. Detection typically involves checking for vulnerable versions of Windows RDP or using network monitoring tools to identify unusual out-of-bounds read attempts, but no explicit guidance is available in the given resources.

For accurate detection, refer to Microsoft's official guidance or security tools that scan for vulnerable RDP configurations. You may also monitor network traffic for anomalous RDP activity that could indicate exploitation attempts.

Mitigation Strategies

To mitigate CVE-2026-57979, apply the security update provided by Microsoft as soon as possible. The update addresses the out-of-bounds read vulnerability in Windows RDP.

  • Visit the Microsoft Update Guide for CVE-2026-57979 to download and install the patch: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57979.
  • If immediate patching is not feasible, consider disabling Remote Desktop Protocol (RDP) on systems where it is not required to reduce exposure.
  • Restrict RDP access to trusted networks or IP addresses using firewalls or network security groups.
  • Enable Network Level Authentication (NLA) for RDP connections to add an additional layer of authentication.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57979. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart