Windows Remote Access Connection Manager
by Microsoft
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38240 | Hig | 0.53 | 8.1 | 0.01 | Sep 10, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2025-47955 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | ||
| CVE-2024-26211 | Hig | 0.51 | 7.8 | 0.04 | Apr 9, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2022-21914 | Hig | 0.51 | 7.8 | 0.01 | Jan 11, 2022 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2022-21885 | Hig | 0.51 | 7.8 | 0.01 | Jan 11, 2022 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2021-43223 | Hig | 0.51 | 7.8 | 0.01 | Dec 15, 2021 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2021-33773 | Hig | 0.51 | 7.8 | 0.01 | Jul 14, 2021 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2024-26217 | Med | 0.36 | 5.5 | 0.01 | Apr 9, 2024 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2022-35831 | Med | 0.36 | 5.5 | 0.01 | Sep 13, 2022 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2022-26930 | Med | 0.36 | 5.5 | 0.01 | May 10, 2022 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2021-34457 | Med | 0.36 | 5.5 | 0.01 | Jul 16, 2021 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2021-34454 | Med | 0.36 | 5.5 | 0.01 | Jul 16, 2021 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2021-33763 | Med | 0.36 | 5.5 | 0.01 | Jul 14, 2021 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2024-30071 | Med | 0.31 | 4.7 | 0.01 | Jul 9, 2024 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||
| CVE-2026-21525 | 0.13 | — | 0.05 | KEV | Feb 10, 2026 | Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. | ||
| CVE-2025-62474 | 0.00 | — | 0.00 | Dec 9, 2025 | Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. |
- risk 0.53cvss 8.1epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.04
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.31cvss 4.7epss 0.01
Windows Remote Access Connection Manager Information Disclosure Vulnerability
- risk 0.13cvss —epss 0.05
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
- CVE-2025-62474Dec 9, 2025risk 0.00cvss —epss 0.00
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.