PT-2025-42115 · Microsoft · Windows +1
Published
2025-10-14
·
Updated
2025-10-15
·
CVE-2025-59230
CVSS v3.1
7.8
7.8
High
| Base vector | Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows versions (affected versions not specified)
Description
An improper access control flaw exists in the Windows Remote Access Connection Manager (RASMAN). This allows an authenticated local attacker to elevate privileges, potentially gaining SYSTEM-level access. The flaw stems from insufficient validation of user permissions when interacting with the Remote Access Connection Manager. This vulnerability is under active exploitation in attacks, with reports indicating threat actors are targeting enterprise environments. Approximately an unknown number of devices worldwide are potentially affected. The vulnerability allows attackers with limited access to escalate privileges and gain full control over systems.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com
Weakness Enumeration
Related Identifiers
CVE-2025-59230
Affected Products
Windows
Rasman
References · 32
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-59230 · Vendor Advisory
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59230 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-59230 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59230 · Security Note
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230 · Vendor Advisory
- https://twitter.com/cyberthint/status/1978465622938820739 · Twitter Post
- https://twitter.com/Trej0Jass/status/1978531819181244825 · Twitter Post
- https://twitter.com/EAlexStark/status/1978492329620341135 · Twitter Post
- https://twitter.com/CloneSystemsInc/status/1978429611609375018 · Twitter Post
- https://reddit.com/r/Action1/comments/1o6mazp/patch_tuesday_october_2025 · Reddit Post
- https://twitter.com/Secwiserapp/status/1978211031819448808 · Twitter Post
- https://reddit.com/r/ImpMSNews/comments/1o73mva/last_patch_for_windows_10_with_kb5066791_and_5 · Reddit Post
- https://twitter.com/CVEnew/status/1978171156470567220 · Twitter Post
- https://twitter.com/securityRSS/status/1978242452906533190 · Twitter Post
- https://reddit.com/r/TechNadu/comments/1o7581u/microsofts_october_2025_end_of_10_patch_tuesday · Reddit Post