Windows RRAS Buffer Over-read Vulnerability

MEDIUM (6.5) No Patch (5 days)
cwe-126buffer-over-readmicrosoftrrasvulnerability-disclosurewindows-server

Threat Intelligence

Low Risk
EPSS Score: 0.07% chance of exploitation (percentile: 23%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

The Windows Routing and Remote Access Service (RRAS) is a network protocol that enables remote access to Windows networks. A buffer over-read vulnerability in the RRAS service allows an unauthorized attacker to disclose sensitive information, such as IP addresses and port numbers, over a network.

Am I affected?

You're affected if you use Buffer over-read. Specific version info not stated in the advisory.

Affected Products

Microsoft / Windows Server

How to fix

To fix this vulnerability, Microsoft recommends applying the latest security updates:

  • For Windows Server 2019: Install KB5003221 from the Microsoft Update Catalog.
  • For Windows Server 2022: Install KB5003221 from the Microsoft Update Catalog.

Immediate mitigations:
- Disable RRAS on non-production servers to prevent potential disclosure of sensitive information.
- Monitor network traffic for suspicious activity related to the RRAS service.

References