cbcvebase.
CVE-2024-49085
published 2024-12-12

CVE-2024-49085: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Affected

25 ranges
VendorProductVersion rangeFixed in
microsoftwindows_server_2008
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.274676.1.7601.27467
microsoftwindows_server_2008_service_pack_2>= 6.0.6003.0 < 6.0.6003.230166.0.6003.23016
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.252226.2.9200.25222
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.223186.3.9600.22318
microsoftwindows_server_2016< 10.0.14393.760610.0.14393.7606
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.760610.0.14393.7606
microsoftwindows_server_2019< 10.0.17763.665910.0.17763.6659
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.665910.0.17763.6659
microsoftwindows_server_2022< 10.0.20348.296610.0.20348.2966
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.296610.0.20348.2966
microsoftwindows_server_2022_23h2< 10.0.25398.130810.0.25398.1308
microsoftwindows_server_2025< 10.0.26100.260510.0.26100.2605
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.260510.0.26100.2605
msrcwindows_server_2008_for_32-bit_systems_service_pack_2
msrcwindows_server_2008_for_x64-based_systems_service_pack_2
msrcwindows_server_2008_r2_for_x64-based_systems_service_pack_1
msrcwindows_server_2012
msrcwindows_server_2012_r2
msrcwindows_server_2016
msrcwindows_server_2019
msrcwindows_server_2022
msrcwindows_server_2022_23h2_edition
msrcwindows_server_2025