CVE-2026-21525

Опубликовано: 10 фев. 2026

Источник: msrc

CVSS3: 6.2

EPSS Низкий

Описание

Windows Remote Access Connection Manager Denial of Service Vulnerability

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

Продукт	Статья	Обновление
Windows Server 2012	5075971	Monthly Rollup
Windows Server 2012 (Server Core installation)	5075971	Monthly Rollup
Windows Server 2012 R2	5075970	Monthly Rollup
Windows Server 2012 R2 (Server Core installation)	5075970	Monthly Rollup
Windows Server 2016	5075999	Security Update
Windows 10 Version 1607 for 32-bit Systems	5075999	Security Update
Windows 10 Version 1607 for x64-based Systems	5075999	Security Update
Windows Server 2016 (Server Core installation)	5075999	Security Update
Windows 10 Version 1809 for 32-bit Systems	5075904	Security Update
Windows 10 Version 1809 for x64-based Systems	5075904	Security Update

Показывать по

Publicly Disclosed

Exploited

Yes

Latest Software Release

Exploitation Detected

EPSS

Процентиль: 89%

0.04193

Низкий

6.2 Medium

CVSS3

CVE-2026-21525

CVSS3: 6.2

nvd

около 1 месяца назад

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

GHSA-cf8p-vhmm-h7g6

CVSS3: 6.2

github

около 1 месяца назад

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

BDU:2026-01698

CVSS3: 6.2

fstec

около 1 месяца назад

Уязвимость службы Remote Access Connection Manager (RASMan) операционной системы Windows, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 89%

0.04193

Низкий

6.2 Medium

CVSS3