CNNVD-202509-1199 Information
CNNVD ID
CNNVD-202509-1199
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Microsoft Windows Routing and Remote Access Service是美国微软(Microsoft)公司的一种网络服务,用于实现网络路由、虚拟专用网络(VPN)和拨号连接等功能。 Microsoft Windows Routing and Remote Access Service存在缓冲区错误漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Windows Server 2012 R2 (Server Core installation),Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2025,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2022 (Server Core installation),Windows Server 2025 (Server Core installation),Windows Server 2022, 23H2 Edition (Server Core installation)。
Description (English)
Microsoft Windows Routing and Remote Access Service is a network service of Microsoft Corporation in the United States, which is used to perform network routing, virtual private network (VPN) and dial-up connectivity. Microsoft Windows Routing and Remote Access Service has an error hole in the buffer zone. The attackers use that loophole to obtain sensitive information. The following products and versions are affected: Windows Service 2012 R2 (Server Corporation), Windows Service 2019, Windows Service 2019 (Server Services Service 2022, Windows Service 2025, Windows Service 2016, Windows Service 2016 (Server Services Service), Windows Service 2008 Service for Service Service 2, Service Service Service for Service Service, and Service Service Service for Service Services for Service Services in Service Services, (Wows Service Service for Service Service Service, 2012 Service Service Service for Service Pack 2, Service Service Service for Service Capacity Building, Service Service Service Service for Service Delivery Services for Service Service Building, Service Service Service for Service Services in Service Services, Service Services for Service Services in Service Services, and Service Service Services for Service Services in Service Services in Services.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
微软
Published
2025-09-09
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54096
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54096
Share on: