Microsoft Windows Server 2012 R2 vulnerabilities

CVE-2025-29810 [HIGH] CWE-284 CVE-2025-29810: Improper access control in Active Directory Domain Services allows an authorized attacker to elevate Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

CVE-2025-27487 [HIGH] CWE-122 CVE-2025-27487: Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code ov Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

CVE-2025-27733 [HIGH] CWE-125 CVE-2025-27733: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

CVE-2025-26669 [HIGH] CWE-125 CVE-2025-26669: Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attack Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-27472 [MEDIUM] CWE-693 CVE-2025-27472: Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to by Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-26667 [MEDIUM] CWE-200 CVE-2025-26667: Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Serv Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-21197 [MEDIUM] CWE-284 CVE-2025-21197: Improper access control in Windows NTFS allows an authorized attacker to disclose file path informat Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

CVE-2025-27474 [MEDIUM] CWE-908 CVE-2025-27474: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthor Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-27738 [MEDIUM] CWE-284 CVE-2025-27738: Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to dis Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

CVE-2025-26676 [MEDIUM] CWE-126 CVE-2025-26676: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-26672 [MEDIUM] CWE-126 CVE-2025-26672: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-21203 [MEDIUM] CWE-126 CVE-2025-21203: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-26637 [MEDIUM] CWE-693 CVE-2025-26637: Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a securi Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2025-27471 [MEDIUM] CWE-591 CVE-2025-27471: Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthor Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

CVE-2025-26664 [MEDIUM] CWE-126 CVE-2025-26664: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-27742 [MEDIUM] CWE-125 CVE-2025-27742: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally. Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

CVE-2025-24985 [HIGH] CWE-122 CVE-2025-24985: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

CVE-2025-24035 [HIGH] CWE-591 CVE-2025-24035: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unau Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

CVE-2025-24051 [HIGH] CWE-122 CVE-2025-24051: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-24045 [HIGH] CWE-591 CVE-2025-24045: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unau Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.