CVE-2024-49125
Severity CVSS v4.0:
Pending analysis
Type:
CWE-122
Heap-based Buffer Overflow
Publication date:
12/12/2024
Last modified:
14/01/2025
Description
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* | 10.0.14393.7606 (excluding) | |
| cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* | 10.0.17763.6659 (excluding) | |
| cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* | 10.0.20348.2966 (excluding) | |
| cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* | 10.0.25398.1308 (excluding) | |
| cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* | 10.0.26100.2605 (excluding) |
To consult the complete list of CPE names with products and versions, see this page