Home
Description
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
PUBLISHED Reserved 2025-08-12 | Published 2025-10-14 | Updated 2025-10-14 | Assigner microsoft
HIGH: 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-287: Improper Authentication
Product status
10.0.26200.0 before 10.0.26200.6899
affected
10.0.20348.0 before 10.0.20348.4294
affected
10.0.19044.0 before 10.0.19044.6456
affected
10.0.22621.0 before 10.0.22621.6060
affected
10.0.19045.0 before 10.0.19045.6456
affected
10.0.26100.0 before 10.0.26100.6899
affected
10.0.22631.0 before 10.0.22631.6060
affected
10.0.22631.0 before 10.0.22631.6060
affected
10.0.25398.0 before 10.0.25398.1913
affected
10.0.26100.0 before 10.0.26100.6899
affected
10.0.26100.0 before 10.0.26100.6899
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55340 (Windows Remote Desktop Protocol Security Feature Bypass) vendor-advisory
cve.org
(CVE-2025-55340)
nvd.nist.gov
(CVE-2025-55340)
Download JSON
