6.5

CVE-2025-62473

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMicrosoft
Produkt Windows 10 Version 1809
Version < 10.0.17763.8146
Version 10.0.17763.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2019
Version < 10.0.17763.8146
Version 10.0.17763.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2019 (Server Core installation)
Version < 10.0.17763.8146
Version 10.0.17763.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2022
Version < 10.0.20348.4529
Version 10.0.20348.0
Status affected
HerstellerMicrosoft
Produkt Windows 10 Version 21H2
Version < 10.0.19044.6691
Version 10.0.19044.0
Status affected
HerstellerMicrosoft
Produkt Windows 10 Version 22H2
Version < 10.0.19045.6691
Version 10.0.19045.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2025 (Server Core installation)
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 Version 25H2
Version < 10.0.26200.7462
Version 10.0.26200.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 version 22H3
Version < 10.0.22631.6345
Version 10.0.22631.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 Version 23H2
Version < 10.0.22631.6345
Version 10.0.22631.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2022, 23H2 Edition (Server Core installation)
Version < 10.0.25398.2025
Version 10.0.25398.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 Version 24H2
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2025
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
HerstellerMicrosoft
Produkt Windows 10 Version 1607
Version < 10.0.14393.8688
Version 10.0.14393.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2016
Version < 10.0.14393.8688
Version 10.0.14393.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2016 (Server Core installation)
Version < 10.0.14393.8688
Version 10.0.14393.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2008 Service Pack 2
Version < 6.0.6003.23666
Version 6.0.6003.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2008 Service Pack 2 (Server Core installation)
Version < 6.0.6003.23666
Version 6.0.6003.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2008 R2 Service Pack 1
Version < 6.1.7601.28064
Version 6.1.7601.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2008 R2 Service Pack 1 (Server Core installation)
Version < 6.1.7601.28064
Version 6.1.7601.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2012
Version < 6.2.9200.25815
Version 6.2.9200.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2012 (Server Core installation)
Version < 6.2.9200.25815
Version 6.2.9200.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2012 R2
Version < 6.3.9600.22920
Version 6.3.9600.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2012 R2 (Server Core installation)
Version < 6.3.9600.22920
Version 6.3.9600.0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.216
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-126 Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.