#auth

**How could an attacker exploit the vulnerability?** To exploit this vulnerability, an authenticated attacker would need to send a specially crafted MSMQ packet to a MSMQ server. This could result in remote code execution on the server side.

8 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Windows Message Queuing #Security Vulnerability

CVE-2025-53148: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

8 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Routing and Remote Access Service (RRAS)#Security Vulnerability

CVE-2025-53143: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #microsoft #rce #auth #Windows Message Queuing #Security Vulnerability

CVE-2025-50166: Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability

Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network.

8 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Distributed Transaction Coordinator #Security Vulnerability

CVE-2025-50173: Windows Installer Elevation of Privilege Vulnerability

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.