CVE-2025-21278

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Jan 14, 2025

CWE ID 362

Summary

CVE-2025-21278 is a Denial of Service (DoS) vulnerability affecting Windows Remote Desktop Gateway (RD Gateway). An attacker can exploit this issue by sending specially crafted RDP packets to the RD Gateway server, resulting in a crash or memory consumption exhaustion. The vulnerability can lead to a denial of service condition, preventing legitimate users from accessing the RD Gateway server. To mitigate the risk, Microsoft recommends applying the latest security updates and configuring the RD Gateway server to only accept connections from trusted sources.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2dxiZc
https://www.cve.org/CVERecord?id=CVE-2025-21278
https://nvd.nist.gov/vuln/detail/CVE-2025-21278

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2025-21278

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations