~/cve/CVE-2025-24045

pipeline liveDigest Docs

CVE-2025-24045

published 2025-03-11

CVE-2025-24045: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

high8.1CVSS 3.1

AVNACHPRNUINSUCHIHAH

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Affected

19 ranges

Vendor	Product	Version range	Fixed in
microsoft	windows_server_2012	—	—
microsoft	windows_server_2012	>= 6.2.9200.0 < 6.2.9200.25368	6.2.9200.25368
microsoft	windows_server_2012_r2	>= 6.3.9600.0 < 6.3.9600.22470	6.3.9600.22470
microsoft	windows_server_2016	< 10.0.14393.7876	10.0.14393.7876
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.7876	10.0.14393.7876
microsoft	windows_server_2019	< 10.0.17763.7009	10.0.17763.7009
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.7009	10.0.17763.7009
microsoft	windows_server_2022	< 10.0.20348.3270	10.0.20348.3270
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.3328	10.0.20348.3328
microsoft	windows_server_2022_23h2	< 10.0.25398.1486	10.0.25398.1486
microsoft	windows_server_2025	< 10.0.26100.3403	10.0.26100.3403
microsoft	windows_server_2025	>= 10.0.26100.0 < 10.0.26100.3476	10.0.26100.3476
msrc	windows_server_2012	—	—
msrc	windows_server_2012_r2	—	—
msrc	windows_server_2016	—	—
msrc	windows_server_2019	—	—
msrc	windows_server_2022	—	—
msrc	windows_server_2022_23h2_edition	—	—
msrc	windows_server_2025	—	—