Windows Remote Desktop Services Flaw Allows Network-Based Denial-of-Service Attacks

Microsoft disclosed a critical vulnerability in Windows Remote Desktop Services on August 12, 2025, that enables attackers to launch denial-of-service attacks remotely without requiring authentication or user interaction.

The flaw, tracked as CVE-2025-53722, has been assigned an “Important” severity rating with a CVSS score of 7.5 out of 10.

Vulnerability Details and Attack Vector

The security flaw stems from uncontrolled resource consumption within Windows Remote Desktop Services, classified under the CWE-400 weakness category.

What makes this vulnerability particularly concerning is its low attack complexity combined with network-based exploitation capabilities.

Attribute   Details
CVE ID      CVE-2025-53722
Severity    Important (CVSS 7.5/6.5)
Impact      Denial of Service

Attackers can target vulnerable systems remotely without needing any privileges on the target machine or requiring victims to perform specific actions.

The vulnerability allows unauthorized attackers to overwhelm Remote Desktop Services by consuming system resources, effectively rendering the service unavailable to legitimate users.

This type of attack can severely disrupt business operations, especially for organizations heavily reliant on remote desktop access for daily operations.

Microsoft’s Common Vulnerability Scoring System (CVSS) analysis reveals several critical aspects of this flaw.

The attack vector is classified as “Network,” meaning attackers can exploit the vulnerability from remote locations across network boundaries.

The “Low” attack complexity indicates that exploitation doesn’t require sophisticated techniques or specialized conditions, making it accessible to a broader range of threat actors.

The vulnerability affects only system availability, leaving confidentiality and integrity unaffected; its “High” availability impact rating indicates that successful exploitation can cause significant service disruptions.

The unchanged scope classification indicates that the vulnerability affects only the vulnerable component itself rather than spreading to other system components.

Current threat intelligence indicates that exploit code maturity remains “Unproven,” suggesting that no reliable public exploits have been identified yet.

However, security researchers warn that the combination of network accessibility and low attack complexity could lead to rapid exploit development once technical details become widely available.

Organizations using Windows Remote Desktop Services face immediate risk, particularly those exposing these services directly to the internet.

The vulnerability’s characteristics make it an attractive target for cybercriminals seeking to disrupt operations or create diversionary attacks while pursuing other malicious objectives.

Microsoft has released an official fix for CVE-2025-53722, giving it an “Official Fix” remediation level with “Confirmed” report confidence.

IT administrators should prioritize applying the security update across all systems running Windows Remote Desktop Services.

As interim measures, organizations should consider implementing network-level protections such as restricting Remote Desktop Services access through firewalls and VPNs.

Additionally, monitoring network traffic for unusual patterns targeting RDP services can help detect potential exploitation attempts.
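An added example of the monitoring and access-restriction advice above (it is not from Microsoft's advisory or from this article): a Python script that reads constructed RDP connection-log lines, flags sources outside an assumed management allowlist, and flags sources whose attempt rate inside a sliding window looks like resource exhaustion. The log format, the allowlist network, and the thresholds are assumptions.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample records, not real telemetry: one TCP/3389 connection attempt
# per line, "timestamp source_ip", as a firewall or connection log might export it.
SAMPLE_LOG = """\
2025-08-13T09:00:00 10.0.5.20
2025-08-13T09:00:04 10.0.5.21
2025-08-13T09:00:05 198.51.100.7
2025-08-13T09:00:05 198.51.100.7
2025-08-13T09:00:06 198.51.100.7
2025-08-13T09:00:06 198.51.100.7
2025-08-13T09:00:07 198.51.100.7
2025-08-13T09:00:08 198.51.100.7
2025-08-13T09:00:30 10.0.5.22
2025-08-13T09:05:00 203.0.113.9
"""

# Hypothetical management network allowed to reach RDS (e.g. the VPN pool); anything
# else should already be blocked by firewall policy and deserves an alert if seen.
ALLOWED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def parse_log(text):
    """Yield (timestamp, ip) tuples; skip blank or malformed lines instead of crashing."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), ipaddress.ip_address(parts[1])
        except ValueError:
            continue

def analyze(text, window_seconds=10, max_attempts=5):
    """Return sources outside the allowlist and sources whose attempts within any
    sliding window exceed max_attempts (a resource-exhaustion pattern against RDS)."""
    outside, bursts = set(), {}
    recent = defaultdict(deque)  # ip -> timestamps still inside the current window
    for ts, ip in sorted(parse_log(text)):
        if not any(ip in net for net in ALLOWED_NETS):
            outside.add(str(ip))
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()  # drop attempts older than the window
        if len(q) > max_attempts:
            bursts[str(ip)] = max(bursts.get(str(ip), 0), len(q))
    return {"outside_allowlist": sorted(outside), "bursts": bursts}

if __name__ == "__main__":
    for key, value in analyze(SAMPLE_LOG).items():
        print(key, value)
```

On the constructed input, 198.51.100.7 is reported both as outside the allowlist and as a burst of 6 attempts in 10 seconds, while 203.0.113.9 is reported only as outside the allowlist.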

The disclosure underscores the critical importance of maintaining current security patches for remote access technologies, particularly as hybrid work environments continue to rely heavily on such services for business continuity.
