Remote Code Execution Vulnerability in Windows Remote Desktop Services by Microsoft
CVE-2025-32710

8.1HIGH

Key Information:

Vendor: Microsoft
Status: Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022; Windows Server 2025 (server Core Installation)
Vendor: CVE Published:; 10 June 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-32710?

A use after free vulnerability in Windows Remote Desktop Services enables unauthorized attackers to execute arbitrary code over a network. This flaw can lead to significant security breaches, allowing malicious parties to gain control over affected systems. Users are urged to apply relevant security updates and patches to mitigate potential risks and protect their systems from exploitation.

Affected Version(s)

Windows Server 2008 Service Pack 2 x64-based Systems 6.0.6003.0 < 6.0.6003.23317

Windows Server 2008 R2 Service Pack 1 (Server Core installation) x64-based Systems 6.1.7601.0 < 6.1.7601.27729

Windows Server 2008 R2 Service Pack 1 x64-based Systems 6.1.7601.0 < 6.1.7601.27729

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

RCE-CVE-2025-32710
Created by Sincan2

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 18, 2025
👾
Exploit known to exist
Jun 18, 2025
Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Apr 9, 2025