Jul 2025: Remote Desktop Spoofing Vulnerability
CVE-2025-33054 Published on July 8, 2025
Remote Desktop Spoofing Vulnerability
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.
Weakness Type
Insufficient UI Warning of Dangerous Operations
The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.
Products Associated with CVE-2025-33054
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-33054 are published in these products:
Affected Versions
Microsoft Windows 11 version 22H2:- Version 10.0.22621.0 and below 10.0.22621.5624 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5624 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5624 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.