Mar 2025: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2025-26645 Published on March 11, 2025
Remote Desktop Client Remote Code Execution Vulnerability
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Weakness Types
Relative Path Traversal
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2025-26645 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2025-26645
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-26645 are published in these products:
Affected Versions
Microsoft Remote Desktop client for Windows Desktop:- Version 1.2.0.0 and below 1.2.6017.0 is affected.
- Version 10.0.10240.0 and below 10.0.10240.20947 is affected.
- Version 10.0.14393.0 and below 10.0.14393.7876 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7009 is affected.
- Version 10.0.19044.0 and below 10.0.19044.5608 is affected.
- Version 10.0.19045.0 and below 10.0.19045.5608 is affected.
- Version 10.0.22621.0 and below 10.0.22621.5039 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5039 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5039 is affected.
- Version 10.0.26100.0 and below 10.0.26100.3476 is affected.
- Version 1.00 and below 2.0.365.0 is affected.
- Version 6.1.7601.0 and below 6.1.7601.27618 is affected.
- Version 6.1.7601.0 and below 6.1.7601.27618 is affected.
- Version 6.0.6003.0 and below 6.0.6003.23168 is affected.
- Version 6.0.6003.0 and below 6.0.6003.23168 is affected.
- Version 6.2.9200.0 and below 6.2.9200.25368 is affected.
- Version 6.2.9200.0 and below 6.2.9200.25368 is affected.
- Version 6.3.9600.0 and below 6.3.9600.22470 is affected.
- Version 6.3.9600.0 and below 6.3.9600.22470 is affected.
- Version 10.0.14393.0 and below 10.0.14393.7876 is affected.
- Version 10.0.14393.0 and below 10.0.14393.7876 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7009 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7009 is affected.
- Version 10.0.20348.0 and below 10.0.20348.3328 is affected.
- Version 10.0.25398.0 and below 10.0.25398.1486 is affected.
- Version 10.0.26100.0 and below 10.0.26100.3476 is affected.
- Version 10.0.26100.0 and below 10.0.26100.3476 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.