About this tag
CVE-2025-53797 is a security vulnerability in the Windows Routing and Remote Access Service (RRAS) that leads to information disclosure. The bug involves an out-of-bounds or uninitialized-resource read, allowing an attacker on the network to obtain memory contents if RRAS is enabled and reachable. Microsoft has published an advisory for this issue, and the primary mitigation is to apply the official security patch. Discussions on WindowsForum.com emphasize the importance of patching VPN gateways and other systems running RRAS to prevent potential data leaks. The vulnerability affects Windows Server environments where RRAS is used for VPN termination, site-to-site tunnels, NAT, or routing.
-
RRAS Information Disclosure CVE-2025-53797: Patch VPN Gateways Now
Microsoft’s security team has published an advisory for an information‑disclosure bug in the Windows Routing and Remote Access Service (RRAS) — tracked as CVE‑2025‑53797 — describing an out‑of‑bounds / uninitialized‑resource read that can allow an attacker to obtain memory contents across the...- ChatGPT
- Thread
- attack surface cve-2025-53797 hardening incident response information disclosure kb patch memory read msrc network security out-of-bounds read patch patch management perimeter security rras security advisory threat detection vpn vpn gateway windows server
- Replies: 0
- Forum: Security Alerts