Improper Certificate Validation in FreeRDP - #VU137825
Published: July 16, 2026
FreeRDP
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass TLS server certificate purpose validation.
The vulnerability exists due to improper certificate validation in tls_verify_certificate(), freerdp_certificate_verify(), and x509_utils_verify() when verifying the server certificate during the client-side TLS handshake. A remote attacker can present a trusted certificate that matches the target hostname but is valid only for client authentication to bypass TLS server certificate purpose validation.
Exploitation requires that the FreeRDP client trust the issuing certificate authority or chain and that the certificate hostname match the target.