AI description
CVE-2025-21297 is a remote code execution vulnerability affecting Windows Remote Desktop Services. It was discovered and disclosed in January 2025. The vulnerability can be exploited by an unauthenticated attacker sending a specially crafted RDP packet to a vulnerable system. Successful exploitation allows the attacker to execute arbitrary code on the target system. To successfully exploit this vulnerability, an attacker must win a race condition by precisely timing their actions, connecting to a system running the Remote Desktop Gateway role, then triggering the race condition to create a use-after-free scenario.
- Description
- Windows Remote Desktop Services Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-416
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
Windows RD Gateway の脆弱性 CVE-2025-21297:RCE – PoC エクスプロイトが登場 https://t.co/yafKyiSGS1 Microsoft Windows RD Gateway の脆弱性 CVE-2025-21297 (CVSS:8.1) に対する、PoC が公開されました。ご利用のチームは、十分にご注意
@iototsecnews
29 May 2025
85 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Vulnerabilidad crítica en Windows RD Gateway (CVE-2025-21297) 🔍 Se ha identificado una falla de ejecución remota de código (RCE) en Windows Remote Desktop Gateway, explotable por errores en la gestión de memoria durante la inicialización del sistema. https://t.co/T1d
@tpx_Security
20 May 2025
131 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: Race Condition in Windows Remote Desktop Gateway Enables RCE - PoC Demonstrates CVE-2025-21297 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/AIWGwfapmh #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
20 May 2025
52 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
2025年1月Microsoftはリモートデスクトップゲートウェイ(RD Gateway)の深刻な脆弱性(CVE-2025-21297)を公表した。この脆弱性はKunlun LabのVictorV氏により発見され、既に実際の攻撃で悪用されている。 原因は aaedge.dll
@yousukezan
19 May 2025
1740 Impressions
1 Retweet
10 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-21297 is a high-risk Windows RD Gateway flaw that enables remote code execution. Patch your servers ASAP. Read More: https://t.co/4S7edREqof #CVE202521297 #RDGateway #WindowsSecurity #Canada #CanadaCyberAwareness https://t.co/o7L10PLz2l
@FindSecCyber
19 May 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Windows RDゲートウェイの脆弱性CVE-2025-21297に対応するPoC(攻撃の概念実証コード)が公表された。並列ソケット接続時に発生する解放後メモリ使用で、遠隔コード実行が成立。5月の更新で修正されたもの。 https
@__kokumoto
19 May 2025
986 Impressions
0 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
Windows Remote Desktop Gateway(RD Gateway)において、重大なリモートコード実行(RCE)脆弱性が発見された(CVE-2025-21297)。この脆弱性は、Kunlun Labの研究者VictorVによって報告され、Microsoftにより公式に認識されている。
@yousukezan
19 May 2025
2625 Impressions
8 Retweets
20 Likes
4 Bookmarks
0 Replies
0 Quotes
今月気になるのは、悪用されそうなWindows OLEのRCE(CVE-2025-21298)や、Remote Desktop Gatewayの認証無しRCE(CVE-2025-21297、CVE-2025-21309)(ただしrace conditionなので難易度高)あたりです。 The January 2025 Security Update Review https://t.co/fKEOFMtBoc
@autumn_good_35
15 Jan 2025
645 Impressions
0 Retweets
2 Likes
3 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA4426DD-B748-4CC4-AC68-88AD963E5F0C",
"versionEndExcluding": "10.0.14393.7699"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F604C79-6A12-44C9-B69D-A2E323641079",
"versionEndExcluding": "10.0.17763.6775"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B8C9C82-359E-4318-A10D-AA47CDFB38FE",
"versionEndExcluding": "10.0.20348.3091"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3E0C061-2DA7-4237-9607-F6792DC92DD3",
"versionEndExcluding": "10.0.25398.1369"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2CFD18D5-3C1F-4E3A-A143-EE3F1FFBB880",
"versionEndExcluding": "10.0.26100.2894"
}
],
"operator": "OR"
}
]
}
]