PT-2025-15539 · Microsoft · Remote Desktop Gateway Service+1


Published: 2025-04-08 · Updated: 2025-04-13 · CVE-2025-27480

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services (affected versions not specified)
Description: The issue allows remote attackers to execute arbitrary code on the affected system. The cause is a use-after-free condition in the Windows Remote Desktop Gateway Service, where the application improperly manages memory. To exploit the flaw, an attacker must time their actions accurately in order to manipulate references to freed memory and execute malicious code, which significantly impacts device security and integrity. Exploitation requires no user interaction and no privileges, which increases the risk for organizations.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-04049
CVE-2025-27480

Affected Products

Remote Desktop Gateway Service
Windows