CVE-2002-1749

critical

Description

Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/8199

http://www.securityfocus.com/bid/4095

http://www.ntbugtraq.com/default.aspx?pid=36&sid=1&A2=ind0202&L=ntbugtraq&T=0&O=D&F=N&P=5224

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00533