CVE-2025-55322: Microsoft OmniParser GUI Agent

Click, Parse, Execute - When a GUI Agent's Control Plane Becomes a Remote Control Surface

A remote code execution story about modern “Computer Use” agents, Microsoft’s OmniParser/OmniTool, and what happens when capability meets reachability.

“In agent stacks, every HTTP port that can do things is a pair of hands. Make sure they’re yours.”

Video from Microsoft

TL;DR

While mapping Microsoft’s OmniParser/OmniTool, I followed the path from prompt → parsing → action and found a reachable, unauthenticated execution surface on the VM controller. If the service is network-accessible, that path becomes remote code execution (RCE): remote control by design. Attackers can send commands directly to control the GUI agent running on the computer. Microsoft acknowledged the issue (MSRC Case 97706), shipped a fix, and has assigned CVE-2025-55322 (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-55322). Upgrade and harden now. ...

September 25, 2025 · 5 min · 1019 words · Aonan Guan