Request a Demo
Rewterz
RedLine Stealer – Active IOCs
July 23, 2025
Rewterz
Multiple TP-Link VIGI Products Vulnerabilities
July 23, 2025

Multiple Microsoft Windows Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-49722 CVSS:5.7

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

CVE-2025-49671 CVSS:6.5

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-49681 CVSS:6.5

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-47998 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-48824 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49657 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49663 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49668 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49669 CVSS:8.8

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49670 CVSS:6.5

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Impact

  • Denial of Service
  • Buffer Overflow
  • Information Disclosure
  • Code Execution

Indicators of Compromise

CVE

  • CVE-2025-49722

  • CVE-2025-49671

  • CVE-2025-49681

  • CVE-2025-47998

  • CVE-2025-48824

  • CVE-2025-49657

  • CVE-2025-49663

  • CVE-2025-49668

  • CVE-2025-49669

  • CVE-2025-49670

Affected Vendors

  • Microsoft

Affected Products

  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 10 Version 1607 for 32-bit Systems
  • Microsoft Windows 10 Version 1607 for x64-based Systems
  • Microsoft Windows 10 Version 1809 for 32-bit Systems
  • Microsoft Windows 10 Version 1809 for x64-based Systems
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2022
  • Microsoft Windows Server 2019 (Server Core installation)
  • Microsoft Windows Server 2022 (Server Core installation)
  • Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
  • Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
  • Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Microsoft Windows Server 2012 (Server Core installation)
  • Microsoft Windows Server 2012 R2 (Server Core installation)
  • Microsoft Windows Server 2016 (Server Core installation)
  • Microsoft Windows Server 2025
  • Microsoft Windows 11 Version 24H2 for x64-based Systems
  • Microsoft Windows 11 Version 24H2 for ARM64-based Systems
  • Microsoft Windows 11 Version 23H2 for x64-based Systems
  • Microsoft Windows 11 Version 23H2 for ARM64-based Systems
  • Microsoft Windows Server 2025 (Server Core installation)
  • Microsoft Windows 10 Version 22H2 for x64-based Systems
  • Microsoft Windows 11 Version 22H2 for x64-based Systems
  • Microsoft Windows 11 Version 22H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for x64-based Systems
  • Microsoft Windows 10 Version 22H2 for 32-bit Systems
  • Microsoft Windows 10 Version 22H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for 32-bit Systems
  • Microsoft Windows Server 2022 23H2 Edition (Server Core installation)

Remediation

Refer to Microsoft Website for patch, upgrade, or suggested workaround information.

CVE-2025-49722

CVE-2025-49671

CVE-2025-49681

CVE-2025-47998

CVE-2025-48824

CVE-2025-49657

CVE-2025-49663

CVE-2025-49668

CVE-2025-49669

CVE-2025-49670