CVE-2025-24045
Published: 11 March 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Security Summary
CVE-2025-24045 is a vulnerability in Windows Remote Desktop Services that involves sensitive data storage in improperly locked memory, as indicated by CWE-591. Published on 2025-03-11, it carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting high severity due to its potential for significant impact on confidentiality, integrity, and availability.
An unauthorized attacker with network access can exploit this vulnerability to execute code remotely. Exploitation requires high attack complexity but no privileges, user interaction, or scope change, enabling remote code execution against affected systems running the vulnerable Remote Desktop Services component.
The Microsoft Security Response Center provides guidance on this vulnerability, including details on patches and mitigation, in its update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24045.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability provides unauthenticated remote code execution in Windows Remote Desktop Services over the network, directly enabling the Exploitation of Remote Services technique for initial access or lateral movement.