CVEs-PoC/2020/CVE-2020-4032.md

### [CVE-2020-4032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4032)
![](https://img.shields.io/static/v1?label=Product&message=FreeRDP&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-681%3A%20Incorrect%20Conversion%20between%20Numeric%20Types&color=brighgreen)

### Description

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.

### POC

#### Reference
- https://usn.ubuntu.com/4481-1/

#### Github
No PoCs found on GitHub currently.