{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000fde0932a","releaseDate":"2026-07-14T07:00:00-07:00","cveNumber":"CVE-2026-56190","cveTitle":"Remote Desktop Protocol Remote Code Execution Vulnerability","releaseNumber":"2026-Jul","vulnType":"Security Vulnerability","latestRevisionDate":"2026-07-14T07:00:00-07:00","description":"<p>Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a network.</p>\n","cweList":["CWE-908: Use of Uninitialized Resource"],"cweDetailsListForSearch":["cwe: CWE-908: Use of Uninitialized Resource","cweUrl: https://cwe.mitre.org/data/definitions/908.html"],"unformattedDescription":"Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a network.","mitreText":"CVE-2026-56190","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2026-56190","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":0,"denialOfService":"N/A","tag":"Windows RDP","issuingCna":"Microsoft","issuingCnaId":100000001,"severityId":100000001,"severity":"Important","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"9.8","temporalScore":"8.5","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","vectorStringSource":"Microsoft","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":1,"cweDetailsList":[{"keys":["cwe","cweUrl"],"values":["CWE-908: Use of Uninitialized Resource","https://cwe.mitre.org/data/definitions/908.html"]}],"articles":[{"title":"Windows RDP Remote Code Execution Vulnerability","articleType":"100000000","description":"<p>Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a network.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>How could an attacker exploit this vulnerability?</strong></p>\n<p>An attacker could exploit this vulnerability by sending specially crafted Remote Desktop Protocol (RDP) traffic to a system where Network Level Authentication (NLA) is disabled. The malicious data can interact with improperly initialized memory in the affected component, leading to memory corruption that the attacker may leverage to control how memory is written. This type of issue can allow an attacker to write data to unintended locations in memory, potentially enabling further compromise of the affected system.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2026-56190","version":1,"revisionDate":"2026-07-14T07:00:00-07:00","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"be4b544b-316f-f111-93fe-000d3afbc7d7"}]}