cve 2025 59510

CVE-2025-59510 is a local denial-of-service vulnerability in Windows Routing and Remote Access Service (RRAS) caused by improper link resolution before file access. An authorized local attacker can exploit this flaw to disrupt RRAS availability on affected systems. Microsoft released a security update on November 11, 2025, to address the issue. The vulnerability carries a CVSS v3.1 base score of 5.5 (Medium), indicating a locally exploitable availability impact. Windows users and administrators should apply the patch to mitigate the risk of service disruption.