CVE-2025-21187 Overview
CVE-2025-21187 is a remote code execution vulnerability affecting Microsoft Power Automate for Desktop. Despite the "remote code execution" classification, the attack vector is local and requires user interaction to trigger exploitation. The flaw is associated with CWE-94: Improper Control of Generation of Code, indicating a code injection weakness within the automation runtime. Successful exploitation results in full compromise of confidentiality, integrity, and availability on the affected workstation. Microsoft published the advisory as part of the January 2025 security update cycle.
Critical Impact
An authenticated local attacker who convinces a user to interact with a crafted Power Automate flow can execute arbitrary code with the privileges of the targeted user.
Affected Products
- Microsoft Power Automate for Desktop
- Windows endpoints running vulnerable Power Automate for Desktop builds
- Enterprise environments using Power Automate flows for RPA automation
Discovery Timeline
- 2025-01-14 - CVE-2025-21187 published to NVD
- 2025-02-05 - Last updated in NVD database
Technical Details for CVE-2025-21187
Vulnerability Analysis
The vulnerability resides in Microsoft Power Automate for Desktop, the desktop component of Microsoft's robotic process automation (RPA) platform. The weakness maps to CWE-94, improper control of code generation, commonly referred to as code injection. An attacker can craft input that the Power Automate runtime processes as executable logic rather than data. Because Power Automate flows can interact with files, processes, and credentials on the host, code execution within this context grants meaningful capability to the attacker. Exploitation requires local access and a user action, such as opening or running a malicious flow file. The vulnerability does not require elevated privileges to trigger, but the attacker gains code execution at the privilege level of the user running the flow.
Root Cause
The root cause is improper validation of inputs that the Power Automate runtime evaluates during flow execution. Untrusted content embedded in a flow definition is treated as code, enabling arbitrary command execution within the automation engine.
Attack Vector
The attack requires local access and user interaction. A typical scenario involves an adversary delivering a malicious Power Automate flow through phishing, a shared workspace, or a compromised collaboration channel. When the targeted user imports or runs the flow, the embedded code executes on the endpoint with the user's privileges. Refer to the Microsoft Security Update Guide for CVE-2025-21187 for vendor-supplied technical context.
Detection Methods for CVE-2025-21187
Indicators of Compromise
- Unexpected child processes spawned by Power Automate executables such as PAD.Console.Host.exe or Microsoft.Flow.RPA.Desktop.UIflowService.exe.
- Power Automate flow files (.txt, .json, or exported .zip packages) arriving from untrusted email or file-sharing sources.
- Outbound network connections initiated by Power Automate processes to non-Microsoft domains shortly after flow execution.
Detection Strategies
- Monitor process lineage where Power Automate components launch shells (cmd.exe, powershell.exe) or scripting hosts (wscript.exe, cscript.exe).
- Alert on creation of executables, scripts, or scheduled tasks by the Power Automate runtime user context.
- Correlate flow import events with subsequent file writes to user-writable directories such as %APPDATA% and %TEMP%.
Monitoring Recommendations
- Forward Power Automate desktop logs and Windows Sysmon process telemetry to a centralized SIEM for behavioral analytics.
- Track installed Power Automate for Desktop versions across the fleet to identify endpoints still running pre-patch builds.
- Audit Power Automate flow sources and restrict imports to signed or organizationally approved repositories.
How to Mitigate CVE-2025-21187
Immediate Actions Required
- Apply the Microsoft security update for Power Automate for Desktop referenced in the MSRC advisory.
- Inventory all endpoints running Power Automate for Desktop and prioritize patching workstations used by privileged users.
- Block import and execution of Power Automate flows received from external or untrusted sources until patches are deployed.
Patch Information
Microsoft addressed CVE-2025-21187 through an updated release of Power Automate for Desktop distributed via the standard Power Automate update channel. Administrators should consult the Microsoft Security Update Guide for the specific fixed build number and deployment guidance. Endpoints configured with automatic updates will receive the corrected version through Microsoft's distribution mechanism.
Workarounds
- Restrict Power Automate for Desktop usage to vetted users through Microsoft 365 administrative policies until patching is complete.
- Enforce application control policies (such as Windows Defender Application Control or AppLocker) to block unsigned scripts spawned by Power Automate processes.
- Provide user awareness training emphasizing the risk of opening Power Automate flows received from untrusted senders.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

