~/cve/CVE-2025-60713

pipeline liveDigest Docs

CVE-2025-60713

published 2025-11-11

CVE-2025-60713: Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

Affected

14 ranges

Vendor	Product	Version range	Fixed in
microsoft	windows_server_2016	< 10.0.14393.8594	10.0.14393.8594
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.8594	10.0.14393.8594
microsoft	windows_server_2019	< 10.0.17763.8027	10.0.17763.8027
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.8027	10.0.17763.8027
microsoft	windows_server_2022	< 10.0.20348.4346	10.0.20348.4346
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.4405	10.0.20348.4405
microsoft	windows_server_2022_23h2	< 10.0.25398.1965	10.0.25398.1965
microsoft	windows_server_2025	< 10.0.26100.7092	10.0.26100.7092
microsoft	windows_server_2025	>= 10.0.26100.0 < 10.0.26100.7171	10.0.26100.7171
msrc	windows_server_2016	—	—
msrc	windows_server_2019	—	—
msrc	windows_server_2022	—	—
msrc	windows_server_2022_23h2_edition	—	—
msrc	windows_server_2025	—	—