Microsoft Windows Server 2012
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
A use-after-free vulnerability has been identified in the Remote Desktop Gateway Service of Microsoft Windows. This vulnerability allows an unauthorized attacker to execute arbitrary code over the network. It arises from a race condition that creates a use-after-free scenario, which can be exploited by an attacker connecting to a system with the Remote Desktop Gateway role.
Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected system.
To reproduce this vulnerability, an admin user must stop or restart the Remote Desktop Gateway Service, creating a window of opportunity for an attacker to exploit the use-after-free condition and execute arbitrary code.
Users can apply the security update KB5058411 to address this vulnerability. This update is available through the Microsoft Update Catalog.