Elevation of Privilege Vulnerability in Windows Remote Access Connection Manager by Microsoft
CVE-2025-59230

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
14 October 2025

Badges

🥇 Trended No. 1📈 Trended📈 Score: 5,360👾 Exploit Exists🦅 CISA Reported📰 News Worthy

What is CVE-2025-59230?

CVE-2025-59230 is a vulnerability found in the Windows Remote Access Connection Manager, a component of Microsoft's operating system that manages remote access services. This vulnerability arises from improper access control, enabling an authorized attacker to elevate their privileges locally. The implications of this flaw are significant, as it allows users with limited privileges to gain higher access levels, potentially leading to unauthorized system modifications, access to sensitive data, and the capacity to execute malicious actions on the affected systems. Organizations relying on Microsoft’s remote access services must be particularly vigilant, as exploitation could compromise the integrity of their systems and data security.

Potential impact of CVE-2025-59230

  1. Unauthorized System Access: An attacker could leverage this vulnerability to gain elevated privileges, allowing them to bypass security measures and access restricted areas of the system.

  2. Data Breaches: Once an attacker has heightened privileges, they can access sensitive information, potentially leading to data theft and significant privacy violations.

  3. System Compromise: Elevated privileges could allow attackers to execute malicious software or perform actions that disrupt operating environments, leading to further security incidents and operational disruptions.

CISA has reported CVE-2025-59230

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-59230 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.21161

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8519

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7919

News Articles

favicon imageForbes

Patch These Microsoft Windows Vulnerabilities Now, CISA Warns

Microsoft Windows 10 and 11 users are at risk from two new security threats — update before the CISA two-week deadline expires to stay safe.

2 weeks ago

favicon imageeSecurity Planet

CISA Alerts to Active Exploitation of Critical Windows Flaw | eSecurity Planet

CISA warns of an exploited Windows flaw that lets attackers gain control of systems.

3 weeks ago

favicon imagegbhackers.com

CISA Alerts on Actively Exploited Windows Improper Access Control Flaw

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding an actively exploited vulnerability in Microsoft Windows.

3 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 📈

    Vulnerability started trending

  • 📰

    First article discovered by The Hacker News

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-59230 : Elevation of Privilege Vulnerability in Windows Remote Access Connection Manager by Microsoft