Microsoft Windows Remote Desktop Services Use-After-Free Vulnerability Allowing Remote Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Windows Remote Desktop Services. This issue allows an unauthorized attacker to execute code remotely over a network. The vulnerability arises from a race condition that creates a use-after-free scenario, which can be exploited to execute arbitrary code on the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected system.

Reproduction

To reproduce this vulnerability, connect to a system with the Remote Desktop Gateway role. Exploitation involves triggering the race condition that creates the use-after-free scenario, which can then be leveraged to execute arbitrary code.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 7.5
exploitability: 6.2
remediation: 7.7
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.