CVE-2025-53148

EPSS 0.81%
Veröffentlicht 12.08.2025 17:10:19
Zuletzt bearbeitet 18.08.2025 17:11:20
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 10 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows Server 2008 Version- Updatesp2 HwPlatformx64

Microsoft ≫ Windows Server 2008 Version- Updatesp2 HwPlatformx86

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1 HwPlatformx64

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version < 10.0.14393.8330

Microsoft ≫ Windows Server 2019 Version < 10.0.17763.7678

Microsoft ≫ Windows Server 2022 Version < 10.0.20348.3989

Microsoft ≫ Windows Server 2022 23h2 Version < 10.0.25398.1791

Microsoft ≫ Windows Server 2025 Version < 10.0.26100.4851

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.81%	0.743

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	5.7	2.1	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53148

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-53148

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-53148

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-53148

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-53148