Microsoft Windows Server 2012
Moderate fix1 remedy
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Windows RRAS Remote Code Execution Vulnerability
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the Windows Routing and Remote Access Service (RRAS). This vulnerability allows an unauthorized attacker to execute code remotely over the network. It affects multiple versions of Windows Server, including 2012 R2, 2008 R2, 2008, 2016, 2022, 2019, and 2025. The vulnerability requires user interaction, as an attacker must trick a user into connecting to a malicious server, which could then send harmful data to the user's system, potentially leading to arbitrary code execution.
Impact
Exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
Remediation
Users can download the security update for this vulnerability through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5065507, KB5065509, KB5065427, KB5065432, KB5065428, and KB5065468.
Added: Sep 9, 2025, 6:28 PM
Updated: Sep 9, 2025, 6:28 PM
Vulnerability Rating
Custom Algorithm
spread
8.1impact
10.0exploitability
6.0remediation
7.7relevance
0.5threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.