AI description
CVE-2025-60703 is a vulnerability in Windows Remote Desktop Services (RDS). It involves an untrusted pointer dereference, which could allow an authorized attacker to elevate their privileges locally on a system. Successful exploitation of CVE-2025-60703 could allow an attacker with local code execution to escalate their privileges to SYSTEM, potentially enabling them to pivot laterally within a network or bypass endpoint isolation controls. Microsoft has assigned a confidence metric to this vulnerability, reflecting their certainty regarding its existence and the credibility of the technical details.
- Description
- Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-822
- Hype score
- Not currently trending
CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability https://t.co/uiublrYeLq #CybersecurityTrends #CyberThreats #ITSupport #ManagedServices #MSSP #CyberSecurity #ManagedServices #ThreatResponse #Compliance #SecurityAutomation #MSPCommunity #SecQube
@SecQube
12 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MicrosoftがWindowsのリモートデスクトップサービス(RDS)に重大な脆弱性を公表。認証済みの攻撃者が権限昇格し、SYSTEM権限を奪取できる恐れがある。企業ネットワークでは深刻な内部リスクとなる可能性がある
@yousukezan
12 Nov 2025
115554 Impressions
411 Retweets
1057 Likes
391 Bookmarks
1 Reply
33 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "7BB42F69-3A99-4057-8C66-870B6ABFCED2",
"versionEndExcluding": "10.0.14393.8594"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "19D83039-82E6-420D-95EA-3D3B1BA37ED8",
"versionEndExcluding": "10.0.14393.8594"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "16F25469-D606-4A71-9A94-C10E1D08B231",
"versionEndExcluding": "10.0.17763.8027"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "1A6A1513-48D5-4D4D-97F1-BFDAE4DC9396",
"versionEndExcluding": "10.0.17763.8027"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB5C0945-7EA1-4874-98E7-4234D85E0C0D",
"versionEndExcluding": "10.0.19044.6575"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "655C5458-E6FB-408D-BCB4-0D28F8283D55",
"versionEndExcluding": "10.0.19045.6575"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0752A377-F96A-4B2F-B542-A9A9665AB913",
"versionEndExcluding": "10.0.22631.6199"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4345F25E-DF90-4CB2-B310-F82E08502815",
"versionEndExcluding": "10.0.26100.7092"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A547AA3-FC6B-46D9-8D22-995C3CA33140",
"versionEndExcluding": "10.0.26200.7092"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD73B71D-FB6A-4B0E-80F5-9F6A06FC93A3",
"versionEndExcluding": "10.0.14393.8594"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "970E52EF-A858-4132-9D8C-4B31E169002C",
"versionEndExcluding": "10.0.17763.8027"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5791ADD5-7D67-4659-9DA2-09337A1D82C1",
"versionEndExcluding": "10.0.20348.4346"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "256174B8-134D-44F5-9497-408AC51DE5DB",
"versionEndExcluding": "10.0.25398.1965"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69424DAF-E9EA-4B50-80EC-5BAA97DEB772",
"versionEndExcluding": "10.0.26100.7092"
}
],
"operator": "OR"
}
]
}
]