cbcvebase.
CVE-2025-50157
published 2025-08-12

CVE-2025-50157: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

medium5.7CVSS 3.1
AVNACLPRLUIRSUCHINAN
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

Affected

27 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_server_2008
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.278726.1.7601.27872
microsoftwindows_server_2008_service_pack_2>= 6.0.6003.0 < 6.0.6003.234716.0.6003.23471
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.256226.2.9200.25622
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.227256.3.9600.22725
microsoftwindows_server_2016< 10.0.14393.833010.0.14393.8330
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.833010.0.14393.8330
microsoftwindows_server_2019< 10.0.17763.767810.0.17763.7678
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.767810.0.17763.7678
microsoftwindows_server_2022< 10.0.20348.398910.0.20348.3989
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.405210.0.20348.4052
microsoftwindows_server_2022_23h2< 10.0.25398.179110.0.25398.1791
microsoftwindows_server_2025< 10.0.26100.485110.0.26100.4851
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.494610.0.26100.4946
msrcazl3_kernel_6.6.76.1-1_on_azure_linux_3.0
msrcazl3_kernel_6.6.92.2-1_on_azure_linux_3.0
msrcwindows_server_2008_for_32-bit_systems_service_pack_2
msrcwindows_server_2008_for_x64-based_systems_service_pack_2
msrcwindows_server_2008_r2_for_x64-based_systems_service_pack_1
msrcwindows_server_2012
msrcwindows_server_2012_r2
msrcwindows_server_2016
msrcwindows_server_2019
msrcwindows_server_2022