CVE-2025-50157 | THREATINT

Description

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

Reserved 2025-06-13 | Published 2025-08-12 | Updated 2025-08-12 | Assigner microsoft

MEDIUM: 5.7CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Problem types

CWE-908: Use of Uninitialized Resource

Product status

10.0.17763.0 before 10.0.17763.7678

affected

10.0.17763.0 before 10.0.17763.7678

affected

10.0.20348.0 before 10.0.20348.4052

affected

10.0.26100.0 before 10.0.26100.4946

affected

10.0.25398.0 before 10.0.25398.1791

affected

10.0.26100.0 before 10.0.26100.4946

affected

10.0.14393.0 before 10.0.14393.8330

affected

10.0.14393.0 before 10.0.14393.8330

affected

6.0.6003.0 before 6.0.6003.23471

affected

6.0.6003.0 before 6.0.6003.23471

affected

6.0.6003.0 before 6.0.6003.23471

affected

6.1.7601.0 before 6.1.7601.27872

affected

6.1.7601.0 before 6.1.7601.27872

affected

6.2.9200.0 before 6.2.9200.25622

affected

6.2.9200.0 before 6.2.9200.25622

affected

6.3.9600.0 before 6.3.9600.22725

affected

6.3.9600.0 before 6.3.9600.22725

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50157 (Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability) vendor-advisory

cve.org (CVE-2025-50157)

nvd.nist.gov (CVE-2025-50157)

Download JSON