CVE-2025-29960: CWE-125: Out-of-bounds Read in Microsoft Windows 10 Version 1809
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
AI Analysis
Technical Summary
CVE-2025-29960 is a security vulnerability identified as an out-of-bounds read (CWE-125) in the Microsoft Windows Routing and Remote Access Service (RRAS) specifically affecting Windows 10 Version 1809 (build 10.0.17763.0). This vulnerability allows an unauthorized attacker to remotely trigger an out-of-bounds read condition, which can lead to the disclosure of sensitive information over the network. The RRAS component is responsible for routing network traffic and providing VPN and dial-up services, making it a critical part of Windows networking infrastructure. The flaw arises when RRAS improperly handles certain network packets, allowing an attacker to read memory outside the intended buffer boundaries. This can expose sensitive data residing in adjacent memory areas, potentially including credentials, cryptographic keys, or other confidential information. The vulnerability does not allow for code execution or system modification but compromises confidentiality. Exploitation requires no privileges and no prior authentication, but does require user interaction, likely in the form of network communication with the vulnerable service. The CVSS 3.1 base score is 6.5 (medium severity), reflecting the high confidentiality impact but no impact on integrity or availability. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability was reserved in March 2025 and published in May 2025, indicating recent discovery and disclosure. Given the affected version is Windows 10 1809, which is an older release, many organizations may have already migrated to newer versions, but legacy systems and specialized environments may still be at risk.
Potential Impact
For European organizations, the primary impact of CVE-2025-29960 is the potential unauthorized disclosure of sensitive information via network-based exploitation of RRAS on Windows 10 Version 1809 systems. This could lead to leakage of confidential data such as internal network configurations, authentication tokens, or other sensitive memory contents. Organizations relying on legacy Windows 10 1809 systems for routing, VPN, or remote access services are particularly vulnerable. The confidentiality breach could facilitate further attacks, including lateral movement or targeted espionage, especially in sectors handling sensitive personal data (e.g., healthcare, finance) or critical infrastructure. Since the vulnerability does not affect integrity or availability, direct disruption is unlikely, but information leakage can undermine trust and compliance with data protection regulations such as GDPR. The requirement for user interaction is minimal, as network communication with RRAS is typical in remote access scenarios, increasing the risk of exploitation in environments with exposed RRAS endpoints. The absence of known exploits suggests a window for proactive mitigation before active attacks emerge.
Mitigation Recommendations
European organizations should prioritize identifying and inventorying all Windows 10 Version 1809 systems running RRAS, especially those exposed to untrusted networks. Immediate mitigation steps include disabling RRAS on systems where it is not essential, thereby eliminating the attack surface. For systems requiring RRAS, network-level controls such as firewall rules should restrict access to RRAS ports to trusted hosts only. Employ network segmentation to isolate vulnerable systems from critical assets. Monitoring network traffic for anomalous RRAS activity can help detect exploitation attempts. Since no official patches are currently linked, organizations should monitor Microsoft security advisories closely and apply updates promptly once available. Additionally, consider upgrading affected systems to supported Windows versions with active security support to reduce exposure. Implementing strict access controls and multi-factor authentication for remote access services can further reduce risk. Regular security assessments and penetration testing focusing on RRAS and related network services will help validate the effectiveness of mitigations.
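The inventory and disable steps above can be checked per host with a short script. This is an added example, not vendor tooling or part of the original advisory; the function name `Get-RrasExposure` is hypothetical, and it assumes an elevated local PowerShell session on the host being assessed.

```powershell
# Added example: local RRAS exposure check for the build named in the advisory.
# Get-RrasExposure is a hypothetical helper name, not a built-in cmdlet.
function Get-RrasExposure {
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    # "RemoteAccess" is the service name of Routing and Remote Access.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='RemoteAccess'"

    $tcp = @(); $udp = @()
    if ($svc -and $svc.State -eq 'Running' -and $svc.ProcessId -gt 0) {
        # RRAS runs inside svchost.exe. If that process hosts other services,
        # some ports listed here belong to them: treat the lists as an upper bound.
        $tcp = @(Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
            Where-Object { $_.OwningProcess -eq $svc.ProcessId } |
            Select-Object -ExpandProperty LocalPort -Unique | Sort-Object)
        $udp = @(Get-NetUDPEndpoint -ErrorAction SilentlyContinue |
            Where-Object { $_.OwningProcess -eq $svc.ProcessId } |
            Select-Object -ExpandProperty LocalPort -Unique | Sort-Object)
    }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        OsBuild       = $os.BuildNumber
        IsBuild17763  = ($os.BuildNumber -eq '17763')   # Windows 10 Version 1809
        RrasInstalled = [bool]$svc
        RrasState     = if ($svc) { $svc.State } else { 'NotPresent' }
        RrasStartMode = if ($svc) { $svc.StartMode } else { 'NotPresent' }
        TcpListeners  = $tcp -join ','
        UdpListeners  = $udp -join ','
    }
}

$report = Get-RrasExposure
$report | Format-List

# Flag the combination the advisory describes: build 17763 with RRAS not disabled.
if ($report.IsBuild17763 -and $report.RrasInstalled -and
    $report.RrasStartMode -ne 'Disabled') {
    Write-Warning "RRAS is enabled on build 17763; disable it or restrict access."
    # Where RRAS is not essential, stop and disable it (uncomment after review):
    # Stop-Service -Name RemoteAccess -Force
    # Set-Service  -Name RemoteAccess -StartupType Disabled
}
```

The listener lists give the ports to cover with firewall rules on hosts that must keep RRAS running.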
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: microsoft
- Date Reserved: 2025-03-12T17:54:45.707Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0f91484d88663aeb99d
Added to database: 5/20/2025, 6:59:05 PM
Last enriched: 7/18/2025, 9:02:31 PM
Last updated: 8/15/2025, 6:46:24 PM