CVE-2026-21525

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 10, 2026

Description A null pointer dereference exists in the Windows Remote Access Connection Manager (RasMan). This issue allows a local attacker to cause a denial-of-service by repeatedly crashing the VPN/remote-access service and disrupting connectivity. The vulnerability is actively exploited in the wild. The issue affects systems globally that utilize Windows for VPN and remote access. The vulnerability impacts the availability of the remote access service. Exploitation involves triggering the null pointer dereference within the RasMan component, leading to service crashes.

Recommendations Apply the February 10, 2026 updates to address this vulnerability. Monitor for abnormal RasMan service crashes to identify potential exploitation attempts.