CVE-2025-59230: Microsoft Windows Improper Access Control Vulnerability.
Microsoft Windows Improper Access Control Vulnerability. Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which could allow an authorized attacker to elevate privileges locally.
- CISA KEV-listed (remediation due 2025-11-04)
- EPSS 4.5% (89.3% percentile)