Volerion logoVolerion
Volerion logoVolerion

Microsoft Remote Desktop Client Heap-Based Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A heap-based buffer overflow vulnerability has been identified in the Remote Desktop Client. This vulnerability allows an unauthorized attacker to execute code over a network. It is present in multiple Windows 10 and Windows 11 versions, as well as in Windows Server 2012, 2016, 2019, 2022, and 2025. The vulnerability arises when a victim connects to an attacking server using the vulnerable Remote Desktop Client, potentially leading to remote code execution on the victim's machine.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Remediation

Users can download the security update for this vulnerability via the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5094122, KB5094123, KB5094126, KB5093998, and KB5095051.

Added: Jun 9, 2026, 7:29 PM
Updated: Jun 9, 2026, 7:29 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
7.5
exploitability
5.6
remediation
0.0
relevance
9.6
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.