vulnerability
Microsoft Windows: CVE-2025-49688: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jul 8, 2025 | Jul 8, 2025 | Sep 9, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 8, 2025
Added
Jul 8, 2025
Modified
Sep 9, 2025
Description
Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Solutions
microsoft-windows-windows_server_2012_r2-kb5062597microsoft-windows-windows_server_2016-1607-kb5062560microsoft-windows-windows_server_2019-1809-kb5062557microsoft-windows-windows_server_2022-21h2-kb5062572microsoft-windows-windows_server_2022-22h2-kb5062572microsoft-windows-windows_server_2022-23h2-kb5062570microsoft-windows-windows_server_2025-24h2-kb5062553
References
- CVE-2025-49688
- https://attackerkb.com/topics/CVE-2025-49688
- CWE-415
- URL-https://support.microsoft.com/help/5062553
- URL-https://support.microsoft.com/help/5062557
- URL-https://support.microsoft.com/help/5062560
- URL-https://support.microsoft.com/help/5062570
- URL-https://support.microsoft.com/help/5062572
- URL-https://support.microsoft.com/help/5062597
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.