Windows RRAS Vulnerability

HIGH (8.8)

Threat Intelligence

Low Risk
EPSS Score: 0.08% chance of exploitation (percentile: 24%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found


What is it?

The Windows Routing and Remote Access Service (RRAS) is a Windows service that allows remote access to local networks. CVE-2025-62549 is an untrusted pointer dereference bug in the RRAS service that allows an attacker to execute code over a network without requiring any privileges or user interaction.

Am I affected?

You're affected if you use the Windows RRAS service, which contains the untrusted pointer dereference. Specific version info is not stated in the advisory.

How to fix

  1. Enable the "Windows Defender Application Control" feature in Windows 10 version 2004 (OS Build 19041) or later.
  2. Go to Settings > Security & Update > Windows Security > Virus & threat protection > Manage settings.
  3. Click on "Cloud-delivered protection" and toggle it on.

  4. Apply the Windows 10 KB5003176 update, which includes a fix for this vulnerability.

  5. You can check for updates in Settings > Updates & Security > Windows Update.
  6. Alternatively, you can download the update from Microsoft's website: https://support.microsoft.com/en-us/topic/windows-10-update-history-4730a4e5-a3c7-8e14-bb11-9fbb9d9f2901
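Because the advisory gives no version information, a per-host check of the RRAS service state and of the update named in step 4 is a practical way to triage. The script below is an added example, not part of the advisory or of any Microsoft tooling; it assumes the RRAS service is registered under its standard service name `RemoteAccess`, and `Get-RrasExposure` is a hypothetical helper name.

```powershell
# Added example: report RRAS exposure and patch state on the local host.
# Assumption: RRAS is registered under the service name 'RemoteAccess'.
# The KB id is the one named in the fix steps above.
$kbId = 'KB5003176'

function Get-RrasExposure {
    param([Parameter(Mandatory)][string]$KbId)

    # Null when the service is not registered on this host.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='RemoteAccess'"

    # Get-HotFix raises an error when the id is absent; treat that as "not installed".
    $hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        RrasPresent   = [bool]$svc
        RrasState     = if ($svc) { $svc.State } else { 'NotInstalled' }
        RrasStartMode = if ($svc) { $svc.StartMode } else { 'n/a' }
        KbInstalled   = [bool]$hotfix
        # Flag hosts where the service is able to start and the update is not listed.
        NeedsAction   = ([bool]$svc -and $svc.StartMode -ne 'Disabled' -and -not $hotfix)
    }
}

Get-RrasExposure -KbId $kbId | Format-List
```

A later cumulative update can supersede an individual KB, so `KbInstalled : False` is a prompt to compare the OS build against the update history, not proof that the host is unpatched.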

References