CVE-2025-29960: CWE-125: Out-of-bounds Read in Microsoft Windows 10 Version 1809

Medium
Published: Tue May 13 2025 (05/13/2025, 16:58:29 UTC)
Source: CVE
Vendor/Project: Microsoft
Product: Windows 10 Version 1809

Description

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

AI-Powered Analysis

Last updated: 07/18/2025, 21:02:31 UTC

Technical Analysis

CVE-2025-29960 is an out-of-bounds read (CWE-125) in the Microsoft Windows Routing and Remote Access Service (RRAS), specifically affecting Windows 10 Version 1809 (build 10.0.17763.0). It allows an unauthorized attacker to remotely trigger an out-of-bounds read condition, which can lead to the disclosure of sensitive information over the network. RRAS is responsible for routing network traffic and providing VPN and dial-up services, making it a critical part of Windows networking infrastructure.

The flaw arises when RRAS improperly handles certain network packets, allowing an attacker to read memory outside the intended buffer boundaries. This can expose sensitive data residing in adjacent memory areas, potentially including credentials, cryptographic keys, or other confidential information. The vulnerability does not allow for code execution or system modification but compromises confidentiality.

Exploitation requires no privileges and no prior authentication, but does require user interaction, likely in the form of network communication with the vulnerable service. The CVSS 3.1 base score is 6.5 (medium severity), reflecting the high confidentiality impact but no impact on integrity or availability. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability was reserved in March 2025 and published in May 2025, indicating recent discovery and disclosure. Because the affected version, Windows 10 1809, is an older release, many organizations may have already migrated to newer versions, but legacy systems and specialized environments may still be at risk.

Potential Impact

For European organizations, the primary impact of CVE-2025-29960 is the potential unauthorized disclosure of sensitive information via network-based exploitation of RRAS on Windows 10 Version 1809 systems. This could lead to leakage of confidential data such as internal network configurations, authentication tokens, or other sensitive memory contents. Organizations relying on legacy Windows 10 1809 systems for routing, VPN, or remote access services are particularly vulnerable. The confidentiality breach could facilitate further attacks, including lateral movement or targeted espionage, especially in sectors handling sensitive personal data (e.g., healthcare, finance) or critical infrastructure. Since the vulnerability does not affect integrity or availability, direct disruption is unlikely, but information leakage can undermine trust and compliance with data protection regulations such as GDPR. The requirement for user interaction is minimal, as network communication with RRAS is typical in remote access scenarios, increasing the risk of exploitation in environments with exposed RRAS endpoints. The absence of known exploits suggests a window for proactive mitigation before active attacks emerge.

Mitigation Recommendations

European organizations should prioritize identifying and inventorying all Windows 10 Version 1809 systems running RRAS, especially those exposed to untrusted networks. Immediate mitigation steps include disabling RRAS services on systems where it is not essential, thereby eliminating the attack surface. For systems requiring RRAS, network-level controls such as firewall rules should restrict access to RRAS ports to trusted hosts only. Employ network segmentation to isolate vulnerable systems from critical assets. Monitoring network traffic for anomalous RRAS activity can help detect exploitation attempts. Since no official patches are currently linked, organizations should monitor Microsoft security advisories closely and apply updates promptly once available. Additionally, consider upgrading affected systems to supported Windows versions with active security support to reduce exposure. Implementing strict access controls and multi-factor authentication for remote access services can further reduce risk. Regular security assessments and penetration testing focusing on RRAS and related network services will help validate the effectiveness of mitigations.
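The inventory and disable steps above can be scripted per host. The following PowerShell is an added example, not code from Microsoft or from the original page; it assumes an elevated local session, that RRAS runs as the `RemoteAccess` service, and that build `17763` identifies the affected 10.0.17763.0 release. The function name `Get-RrasExposure` and the port list are illustrative choices.

```powershell
# Added example: audit the local host for the exposure described above.
# Assumptions: elevated session; RRAS runs as the "RemoteAccess" service;
# build 17763 corresponds to the affected 10.0.17763.0 release.
function Get-RrasExposure {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Stop and disable RRAS if it is running on the affected build.
        [switch]$DisableIfAffected
    )

    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    $svc = Get-Service -Name 'RemoteAccess' -ErrorAction SilentlyContinue

    $affectedBuild = ($os.BuildNumber -eq '17763')
    $rrasRunning   = ($null -ne $svc) -and ($svc.Status -eq 'Running')

    # Ports commonly used by RRAS VPN protocols (assumption: the page does not
    # say which are involved): PPTP 1723/tcp, L2TP 1701/udp, IKE 500,4500/udp.
    # A UDP 500/4500 listener may belong to another service; treat it as a lead.
    $listeners = @(Get-NetTCPConnection -State Listen -LocalPort 1723 -ErrorAction SilentlyContinue |
                     ForEach-Object { "$($_.LocalAddress):$($_.LocalPort)/tcp" }) +
                 @(Get-NetUDPEndpoint -LocalPort 1701, 500, 4500 -ErrorAction SilentlyContinue |
                     ForEach-Object { "$($_.LocalAddress):$($_.LocalPort)/udp" })

    if ($DisableIfAffected -and $affectedBuild -and $rrasRunning) {
        if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Stop and disable RemoteAccess')) {
            Stop-Service -Name 'RemoteAccess' -Force
            Set-Service  -Name 'RemoteAccess' -StartupType Disabled
            $svc = Get-Service -Name 'RemoteAccess'
        }
    }

    # One record per host, suitable for export to CSV during inventory.
    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        OS            = $os.Caption
        Build         = $os.BuildNumber
        AffectedBuild = $affectedBuild
        RrasStatus    = if ($svc) { [string]$svc.Status } else { 'NotPresent' }
        RrasStartType = if ($svc) { [string]$svc.StartType } else { $null }
        VpnListeners  = $listeners
        NeedsAction   = $affectedBuild -and ($null -ne $svc) -and ($svc.Status -eq 'Running')
    }
}

Get-RrasExposure
```

Run `Get-RrasExposure -DisableIfAffected -WhatIf` first to preview the change on hosts where RRAS is not essential. Other Windows releases can report the same build number, so check the `OS` field before acting.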

Technical Details

Data Version: 5.1
Assigner Short Name: microsoft
Date Reserved: 2025-03-12T17:54:45.707Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f91484d88663aeb99d

Added to database: 5/20/2025, 6:59:05 PM

Last enriched: 7/18/2025, 9:02:31 PM

Last updated: 8/15/2025, 6:46:24 PM
