Microsoft Remote Desktop Client Heap-Based Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A heap-based buffer overflow vulnerability has been identified in Microsoft Remote Desktop Client. This vulnerability allows an unauthorized attacker to execute code remotely over a network. The issue arises when a victim connects to a compromised Remote Desktop Server using the vulnerable client.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected machine.

Reproduction

To reproduce this vulnerability, an attacker must control a Remote Desktop Server and exploit the buffer overflow when a victim connects to the server using the vulnerable Remote Desktop Client.

Added: Jun 9, 2026, 7:31 PM
Updated: Jun 9, 2026, 7:31 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 10.0
exploitability: 4.0
remediation: 0.0
relevance: 9.4
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.