Windows Routing and Remote Access Service (RRAS)
by Microsoft
CVEs (53)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-53138 | 0.00 | — | 0.01 | Aug 12, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. | |||
| CVE-2025-50163 | 0.00 | — | 0.01 | Aug 12, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-50162 | 0.00 | — | 0.01 | Aug 12, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||
| CVE-2025-50156 | 0.00 | — | 0.01 | Aug 12, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. | |||
| CVE-2025-49669 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49688 | 0.00 | — | 0.01 | Jul 8, 2025 | Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-49657 | 0.00 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-33066 | 0.00 | — | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-33064 | 0.00 | — | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||
| CVE-2025-29836 | 0.00 | — | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-29832 | 0.00 | — | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-26676 | 0.00 | — | 0.01 | Apr 8, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-21203 | 0.00 | — | 0.01 | Apr 8, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-27474 | 0.00 | — | 0.02 | Apr 8, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-26668 | 0.00 | — | 0.01 | Apr 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-26667 | 0.00 | — | 0.02 | Apr 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-26669 | 0.00 | — | 0.01 | Apr 8, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-26664 | 0.00 | — | 0.02 | Apr 8, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-21410 | 0.00 | — | 0.02 | Feb 11, 2025 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||
| CVE-2024-49104 | 0.00 | — | 0.02 | Dec 10, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
- CVE-2025-53138Aug 12, 2025risk 0.00cvss —epss 0.01
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.
- CVE-2025-50163Aug 12, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-50162Aug 12, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-50156Aug 12, 2025risk 0.00cvss —epss 0.01
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.
- CVE-2025-49669Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49688Jul 8, 2025risk 0.00cvss —epss 0.01
Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49657Jul 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-33066Jun 10, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-33064Jun 10, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-29836May 13, 2025risk 0.00cvss —epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-29832May 13, 2025risk 0.00cvss —epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-26676Apr 8, 2025risk 0.00cvss —epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-21203Apr 8, 2025risk 0.00cvss —epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-27474Apr 8, 2025risk 0.00cvss —epss 0.02
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-26668Apr 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-26667Apr 8, 2025risk 0.00cvss —epss 0.02
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-26669Apr 8, 2025risk 0.00cvss —epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-26664Apr 8, 2025risk 0.00cvss —epss 0.02
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- CVE-2025-21410Feb 11, 2025risk 0.00cvss —epss 0.02
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-49104Dec 10, 2024risk 0.00cvss —epss 0.02
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Page 2 of 3