CVE-2026-25172
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Analysis
Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all systems running RRAS; restrict network access to RRAS ports (typically TCP/UDP 1194, 1723) to trusted networks only; enable enhanced monitoring and logging. Within 7 days: Implement network segmentation to isolate RRAS servers; deploy IDS/IPS signatures to detect exploitation attempts; conduct urgent security assessment of RRAS-exposed systems. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today