CVE-2025-29836: CWE-125: Out-of-bounds Read in Microsoft Windows 10 Version 1809

Severity: Medium
Published: Tue May 13 2025 (05/13/2025, 16:59:00 UTC)
Source: CVE
Vendor/Project: Microsoft
Product: Windows 10 Version 1809

Description

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

AI-Powered Analysis

Last updated: 07/18/2025, 20:59:28 UTC

Technical Analysis

CVE-2025-29836 is a security vulnerability classified as an out-of-bounds read (CWE-125) affecting Microsoft Windows 10 Version 1809, specifically build 10.0.17763.0. The flaw exists within the Windows Routing and Remote Access Service (RRAS), a component responsible for routing network traffic and providing remote access capabilities. An out-of-bounds read occurs when a program reads data outside the bounds of allocated memory, which can lead to the disclosure of sensitive information.

In this case, an unauthorized attacker can exploit this vulnerability remotely over the network without requiring privileges but does require user interaction, such as convincing a user to initiate a connection or interaction with the vulnerable service. The vulnerability allows the attacker to disclose information, potentially leaking sensitive data from the system memory.

The CVSS v3.1 base score is 6.5 (medium severity), reflecting high confidentiality impact but no impact on integrity or availability. The attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). The scope is unchanged (S:U), meaning the vulnerability affects only the vulnerable component.

There are no known exploits in the wild at the time of publication (May 13, 2025), and no patches have been linked yet. This vulnerability could be leveraged in targeted attacks to gather sensitive information from affected systems, potentially aiding further exploitation or reconnaissance activities.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Windows 10 Version 1809 with RRAS enabled. RRAS is often used in enterprise environments for VPN and routing services, so organizations relying on this service for remote access could have sensitive network information exposed. The confidentiality breach could lead to leakage of internal network configurations, credentials, or other sensitive data, which could facilitate lateral movement or further attacks. Given the medium severity and the requirement for user interaction, the threat is moderate but still significant for organizations with remote access infrastructure. Industries with high reliance on secure remote access, such as finance, healthcare, and critical infrastructure, could be more impacted. Additionally, since Windows 10 Version 1809 is an older release, organizations that have not updated or migrated to newer supported versions remain vulnerable, increasing the attack surface. The lack of known exploits in the wild reduces immediate risk but does not eliminate the potential for future exploitation, especially in targeted attacks against European entities.

Mitigation Recommendations

1. Immediate mitigation should focus on disabling or restricting the use of RRAS on Windows 10 Version 1809 systems where it is not essential.
2. For systems requiring RRAS, implement strict network segmentation and firewall rules to limit exposure of the RRAS service to trusted networks and users only.
3. Educate users to avoid unsolicited network interactions that could trigger the vulnerability, reducing the risk posed by the required user interaction.
4. Monitor network traffic and logs for unusual activity related to RRAS connections that could indicate exploitation attempts.
5. Plan and prioritize upgrading affected systems to a supported and patched Windows version beyond 1809, as this version is out of mainstream support and may not receive timely patches.
6. Once Microsoft releases an official patch, apply it promptly to all affected systems.
7. Employ endpoint detection and response (EDR) tools to detect anomalous memory access or information disclosure attempts related to RRAS.
8. Conduct vulnerability scanning and penetration testing focused on RRAS to identify exposure and validate mitigations.
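
A host-level audit for recommendations 1 and 2, added here as an example; it is not code from this page or from Microsoft. It assumes RRAS runs as the Windows service `RemoteAccess` and that the built-in RRAS firewall rules belong to the display group `Routing and Remote Access`; the function and variable names are illustrative.

```powershell
# Added example (not from the advisory). Assumptions are marked in comments.
# Build number from the advisory: Windows 10 Version 1809 = 10.0.17763.0.
$AffectedBuild = '17763'
# Assumption: RRAS runs as the Windows service named 'RemoteAccess'.
$RrasService   = 'RemoteAccess'
# Assumption: the built-in RRAS firewall rules use this display group.
$RrasRuleGroup = 'Routing and Remote Access'

function Get-RrasExposure {
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    $svc = Get-Service -Name $RrasService -ErrorAction SilentlyContinue
    # Enabled inbound allow rules show where RRAS is reachable from the network.
    $rules = @(Get-NetFirewallRule -DisplayGroup $RrasRuleGroup -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' })

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        OsBuild        = $os.BuildNumber
        IsBuild17763   = ($os.BuildNumber -eq $AffectedBuild)
        RrasStatus     = if ($svc) { [string]$svc.Status } else { 'NotInstalled' }
        RrasStartType  = if ($svc) { [string]$svc.StartType } else { 'NotInstalled' }
        InboundAllowed = $rules.DisplayName
    }
}

function Disable-Rras {
    # Recommendation 1: stop RRAS and keep it from starting where it is not needed.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    $svc = Get-Service -Name $RrasService -ErrorAction SilentlyContinue
    if (-not $svc) { return }
    if ($PSCmdlet.ShouldProcess($RrasService, 'Stop service and set startup type to Disabled')) {
        if ($svc.Status -ne 'Stopped') { Stop-Service -Name $RrasService -Force }
        Set-Service -Name $RrasService -StartupType Disabled
    }
}

$report = Get-RrasExposure
$report | Format-List
if ($report.IsBuild17763 -and $report.RrasStatus -eq 'Running') {
    Write-Warning 'RRAS is running on build 17763. If it is not required, run: Disable-Rras -Confirm'
}
```

Run it from an elevated session; `Disable-Rras -WhatIf` previews the change without applying it.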

Technical Details

Data Version: 5.1
Assigner Short Name: microsoft
Date Reserved: 2025-03-11T22:56:43.944Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f91484d88663aeb96d

Added to database: 5/20/2025, 6:59:05 PM

Last enriched: 7/18/2025, 8:59:28 PM

Last updated: 8/16/2025, 9:15:19 PM
