CVE-2025-68670 — CRITICAL (9.1)

Q: How severe is CVE-2025-68670?

CVE-2025-68670 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2025-68670?

Check the references section above for vendor advisories and patch information. Affected products include: Neutrinolabs Xrdp, Debian Debian Linux.

Vulnerability Description

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote attackers to execute arbitrary code on the target system. The vulnerability allows an attacker to overwrite the stack buffer and the return address, which could theoretically be used to redirect the execution flow. The impact of this vulnerability is lessened if a compiler flag has been used to build the xrdp executable with stack canary protection. If this is the case, a second vulnerability would need to be used to leak the stack canary value. Upgrade to version 0.10.5 to receive a patch. Additionally, do not rely on stack canary protection on production systems.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Neutrinolabs	Xrdp	< 0.10.5
Debian	Debian Linux	11.0

Related Weaknesses (CWE)

CWE-121 CWE-787

References

https://github.com/neutrinolabs/xrdp/commit/488c8c7d4d189514a366cd8301b6e816c521Patch
https://github.com/neutrinolabs/xrdp/releases/tag/v0.10.5ProductRelease Notes
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rwvg-gp87-gh6fVendor Advisory
https://lists.debian.org/debian-lts-announce/2026/02/msg00003.htmlMailing List

FAQ

What is CVE-2025-68670?

CVE-2025-68670 is a vulnerability with a CVSS score of 9.1 (CRITICAL). xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain ...

How severe is CVE-2025-68670?

CVE-2025-68670 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-68670?

Check the references section above for vendor advisories and patch information. Affected products include: Neutrinolabs Xrdp, Debian Debian Linux.