Volerion logoVolerion
Volerion logoVolerion

Microsoft Remote Desktop Client Relative Path Traversal Remote Code Execution Vulnerability

Vulnerability

A relative path traversal vulnerability has been identified in the Microsoft Remote Desktop Client. This issue allows an unauthorized attacker to execute code on the victim's machine over the network. The vulnerability arises when a Remote Desktop client connects to a malicious server, potentially leading to remote code execution on the client side.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Reproduction

To reproduce this vulnerability, an admin user must connect to a malicious Remote Desktop server using a vulnerable version of the Remote Desktop Client. This connection will trigger the remote code execution on the client's machine.

Remediation

Users can apply the security update KB5053596 to address this vulnerability. This update is available through the Microsoft Update Catalog.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
10.0
exploitability
4.8
remediation
7.7
relevance
0.0
threat
1.6
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.