CVE-2025-60713

Опубликовано: 11 нояб. 2025

Источник: msrc

CVSS3: 7.8

EPSS Низкий

Описание

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Продукт	Статья	Обновление
Windows Server 2016	5068864	Security Update
Windows Server 2016 (Server Core installation)	5068864	Security Update
Windows Server 2019	5068791	Security Update
Windows Server 2019 (Server Core installation)	5068791	Security Update
Windows Server 2022	5068787 5068840	Security Update Security Hotpatch Update
Windows Server 2022 (Server Core installation)	5068787 5068840	Security Update Security Hotpatch Update
Windows Server 2022, 23H2 Edition (Server Core installation)	5068779	Security Update
Windows Server 2025	5068861 5068966	Security Update Security Hotpatch Update
Windows Server 2025 (Server Core installation)	5068861 5068966	Security Update Security Hotpatch Update

Показывать по

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Unlikely

EPSS

Процентиль: 15%

0.00049

Низкий

7.8 High

CVSS3

CVE-2025-60713

CVSS3: 7.8

nvd

около 1 месяца назад

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

GHSA-297f-24c2-wwfv

CVSS3: 7.8

github

около 1 месяца назад

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

BDU:2025-14067

CVSS3: 7.8

fstec

около 1 месяца назад

Уязвимость службы Routing and Remote Access Service (RRAS) операционных систем Windows, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 15%

0.00049

Низкий

7.8 High

CVSS3