CVE-2025-21297

Published Jan 14, 2025

Last updated 5 months ago

CVSS high 8.1
Windows Remote Desktop

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-21297 is a remote code execution vulnerability affecting Windows Remote Desktop Services. It was discovered and disclosed in January 2025. The vulnerability can be exploited by an unauthenticated attacker sending a specially crafted RDP packet to a vulnerable system. Successful exploitation allows the attacker to execute arbitrary code on the target system. To successfully exploit this vulnerability, an attacker must win a race condition by precisely timing their actions, connecting to a system running the Remote Desktop Gateway role, then triggering the race condition to create a use-after-free scenario.

Description
Windows Remote Desktop Services Remote Code Execution Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-416
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending
  1. Windows RD Gateway の脆弱性 CVE-2025-21297:RCE – PoC エクスプロイトが登場 https://t.co/yafKyiSGS1 Microsoft Windows RD Gateway の脆弱性 CVE-2025-21297 (CVSS:8.1) に対する、PoC が公開されました。ご利用のチームは、十分にご注意

    @iototsecnews

    29 May 2025

    85 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Vulnerabilidad crítica en Windows RD Gateway (CVE-2025-21297) 🔍 Se ha identificado una falla de ejecución remota de código (RCE) en Windows Remote Desktop Gateway, explotable por errores en la gestión de memoria durante la inicialización del sistema. https://t.co/T1d

    @tpx_Security

    20 May 2025

    131 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Threat Alert: Race Condition in Windows Remote Desktop Gateway Enables RCE - PoC Demonstrates CVE-2025-21297 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/AIWGwfapmh #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    20 May 2025

    52 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  4. 2025年1月Microsoftはリモートデスクトップゲートウェイ(RD Gateway)の深刻な脆弱性(CVE-2025-21297)を公表した。この脆弱性はKunlun LabのVictorV氏により発見され、既に実際の攻撃で悪用されている。 原因は aaedge.dll

    @yousukezan

    19 May 2025

    1740 Impressions

    1 Retweet

    10 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2025-21297 is a high-risk Windows RD Gateway flaw that enables remote code execution. Patch your servers ASAP. Read More: https://t.co/4S7edREqof #CVE202521297 #RDGateway #WindowsSecurity #Canada #CanadaCyberAwareness https://t.co/o7L10PLz2l

    @FindSecCyber

    19 May 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Windows RDゲートウェイの脆弱性CVE-2025-21297に対応するPoC(攻撃の概念実証コード)が公表された。並列ソケット接続時に発生する解放後メモリ使用で、遠隔コード実行が成立。5月の更新で修正されたもの。 https

    @__kokumoto

    19 May 2025

    986 Impressions

    0 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. Windows Remote Desktop Gateway(RD Gateway)において、重大なリモートコード実行(RCE)脆弱性が発見された(CVE-2025-21297)。この脆弱性は、Kunlun Labの研究者VictorVによって報告され、Microsoftにより公式に認識されている。

    @yousukezan

    19 May 2025

    2625 Impressions

    8 Retweets

    20 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  8. 今月気になるのは、悪用されそうなWindows OLEのRCE(CVE-2025-21298)や、Remote Desktop Gatewayの認証無しRCE(CVE-2025-21297、CVE-2025-21309)(ただしrace conditionなので難易度高)あたりです。 The January 2025 Security Update Review https://t.co/fKEOFMtBoc

    @autumn_good_35

    15 Jan 2025

    645 Impressions

    0 Retweets

    2 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.