You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 59230
About this tag
CVE-2025-59230 is a local privilege escalation vulnerability in Windows Remote Access Connection Manager (RasMan) that was patched in Microsoft's October security roll-up. The flaw, classified as improper access control (CWE-284), allows a locally authenticated attacker to escalate privileges to SYSTEM. It carries a CVSSv3.1 base score of 7.8 and was observed being exploited in the wild before the patch was released. Discussions on WindowsForum cover the vulnerability details, affected systems, and mitigation steps for administrators.
Microsoft’s October security roll-up closed a dangerous local privilege‑escalation hole in the Remote Access Connection Manager (RasMan) — tracked as CVE‑2025‑59230 — after Microsoft and its threat teams observed in‑the‑wild exploitation; the flaw is an improper access control condition that...