Jul 2025: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2025-48817 Published on July 8, 2025
Remote Desktop Client Remote Code Execution Vulnerability
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Weakness Types
Relative Path Traversal
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2025-48817 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2025-48817
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-48817 are published in these products:
Affected Versions
Microsoft Remote Desktop client for Windows Desktop:- Version 1.2.0.0 and below 1.2.6353.0 is affected.
- Version 10.0.10240.0 and below 10.0.10240.21073 is affected.
- Version 10.0.14393.0 and below 10.0.14393.8246 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7558 is affected.
- Version 10.0.19044.0 and below 10.0.19044.6093 is affected.
- Version 10.0.19045.0 and below 10.0.19045.6093 is affected.
- Version 10.0.22621.0 and below 10.0.22621.5624 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5624 is affected.
- Version 10.0.22631.0 and below 10.0.22631.5624 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
- Version 1.00 and below 2.0.559.0 is affected.
- Version 6.1.7601.0 and below 6.1.7601.27820 is affected.
- Version 6.1.7601.0 and below 6.1.7601.27820 is affected.
- Version 6.0.6003.0 and below 6.0.6003.23418 is affected.
- Version 6.0.6003.0 and below 6.0.6003.23418 is affected.
- Version 6.2.9200.0 and below 6.2.9200.25573 is affected.
- Version 6.2.9200.0 and below 6.2.9200.25573 is affected.
- Version 6.3.9600.0 and below 6.3.9600.22676 is affected.
- Version 6.3.9600.0 and below 6.3.9600.22676 is affected.
- Version 10.0.14393.0 and below 10.0.14393.8246 is affected.
- Version 10.0.14393.0 and below 10.0.14393.8246 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7558 is affected.
- Version 10.0.17763.0 and below 10.0.17763.7558 is affected.
- Version 10.0.20348.0 and below 10.0.20348.3932 is affected.
- Version 10.0.25398.0 and below 10.0.25398.1732 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
- Version 10.0.26100.0 and below 10.0.26100.4652 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.