#VU109057 Sensitive Data Storage in Improperly Locked Memory in Windows Server - CVE-2025-30394
Vulnerability identifier: #VU109057
Vulnerability risk: High
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID:
CWE-ID:
CWE-591
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Windows Server
Operating systems & Components /
Operating system
Vendor: Microsoft
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to sensitive data storage in improperly locked memory in Windows Remote Desktop Gateway (RD Gateway). A remote attacker can win a race condition and cause a denial of service condition on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Windows Server: 2012 6.2.9200.24768, 2012 6.2.9200.24821, 2012 6.2.9200.24868, 2012 6.2.9200.24919, 2012 6.2.9200.24975, 2012 6.2.9200.25031, 2012 6.2.9200.25073, 2012 6.2.9200.25118, 2012 6.2.9200.25165, 2012 6.2.9200.25222, 2012 6.2.9200.25273, 2012 6.2.9200.25317, 2012 6.2.9200.25368, 2012 6.2.9200.25423, 2016 10.0.14393.10, 2016 10.0.14393.51, 2016 10.0.14393.82, 2016 10.0.14393.105, 2016 10.0.14393.187, 2016 10.0.14393.222, 2016 10.0.14393.321, 2016 10.0.14393.351, 2016 10.0.14393.447, 2016 10.0.14393.479, 2016 10.0.14393.576, 2016 10.0.14393.693, 2016 10.0.14393.953, 2016 10.0.14393.969, 2016 10.0.14393.1066, 2016 10.0.14393.1198, 2016 10.0.14393.1358, 2016 10.0.14393.1378, 2016 10.0.14393.1480, 2016 10.0.14393.1532, 2016 10.0.14393.1537, 2016 10.0.14393.1593, 2016 10.0.14393.1613, 2016 10.0.14393.1670, 2016 10.0.14393.1715, 2016 10.0.14393.1737, 2016 10.0.14393.1770, 2016 10.0.14393.1794, 2016 10.0.14393.1797, 2016 10.0.14393.1884, 2016 10.0.14393.1914, 2016 10.0.14393.1944, 2016 10.0.14393.2007, 2016 10.0.14393.2035, 2016 10.0.14393.2068, 2016 10.0.14393.2097, 2016 10.0.14393.2125, 2016 10.0.14393.2155, 2016 10.0.14393.2156, 2016 10.0.14393.2189, 2016 10.0.14393.2214, 2016 10.0.14393.2248, 2016 10.0.14393.2273, 2016 10.0.14393.2312, 2016 10.0.14393.2339, 2016 10.0.14393.2363, 2016 10.0.14393.2368, 2016 10.0.14393.2395, 2016 10.0.14393.2396, 2016 10.0.14393.2430, 2016 10.0.14393.2457, 2016 10.0.14393.2485, 2016 10.0.14393.2515, 2016 10.0.14393.2551, 2016 10.0.14393.2580, 2016 10.0.14393.2608, 2016 10.0.14393.2639, 2016 10.0.14393.2641, 2016 10.0.14393.2665, 2016 10.0.14393.2670, 2016 10.0.14393.2724, 2016 10.0.14393.2759, 2016 10.0.14393.2791, 2016 10.0.14393.2828, 2016 10.0.14393.2848, 2016 10.0.14393.2879, 2016 10.0.14393.2906, 2016 10.0.14393.2908, 2016 10.0.14393.2941, 2016 10.0.14393.2969, 2016 10.0.14393.2972, 2016 10.0.14393.2999, 2016 10.0.14393.3025, 2016 10.0.14393.3053, 2016 10.0.14393.3056, 2016 10.0.14393.3085, 2016 10.0.14393.3115, 2016 10.0.14393.3144, 2016 10.0.14393.3181, 2016 10.0.14393.3204, 2016 10.0.14393.3206, 2016 10.0.14393.3242, 2016 10.0.14393.3243, 2016 10.0.14393.3274, 2016 10.0.14393.3300, 2016 10.0.14393.3326, 2016 10.0.14393.3384, 2016 10.0.14393.3443, 2016 10.0.14393.3474, 2016 10.0.14393.3504, 2016 10.0.14393.3542, 2016 10.0.14393.3564, 2016 10.0.14393.3595, 2016 10.0.14393.3630, 2016 10.0.14393.3659, 2016 10.0.14393.3686, 2016 10.0.14393.3750, 2016 10.0.14393.3755, 2016 10.0.14393.3808, 2016 10.0.14393.3866, 2016 10.0.14393.3930, 2016 10.0.14393.3986, 2016 10.0.14393.4046, 2016 10.0.14393.4048, 2016 10.0.14393.4104, 2016 10.0.14393.4169, 2016 10.0.14393.4225, 2016 10.0.14393.4283, 2016 10.0.14393.4288, 2016 10.0.14393.4350, 2016 10.0.14393.4402, 2016 10.0.14393.4467, 2016 10.0.14393.4470, 2016 10.0.14393.4530, 2016 10.0.14393.4532, 2016 10.0.14393.4583, 2016 10.0.14393.4651, 2016 10.0.14393.4704, 2016 10.0.14393.4770, 2016 10.0.14393.4771, 2016 10.0.14393.4825, 2016 10.0.14393.4827, 2016 10.0.14393.4886, 2016 10.0.14393.4889, 2016 10.0.14393.4946, 2016 10.0.14393.5006, 2016 10.0.14393.5066, 2016 10.0.14393.5125, 2016 10.0.14393.5127, 2016 10.0.14393.5192, 2016 10.0.14393.5246, 2016 10.0.14393.5291, 2016 10.0.14393.5356, 2016 10.0.14393.5427, 2016 10.0.14393.5429, 2016 10.0.14393.5501, 2016 10.0.14393.5502, 2016 10.0.14393.5582, 2016 10.0.14393.5648, 2016 10.0.14393.5717, 2016 10.0.14393.5786, 2016 10.0.14393.5850, 2016 10.0.14393.5921, 2016 10.0.14393.5989, 2016 10.0.14393.5996, 2016 10.0.14393.6085, 2016 10.0.14393.6167, 2016 10.0.14393.6252, 2016 10.0.14393.6351, 2016 10.0.14393.6452, 2016 10.0.14393.6529, 2016 10.0.14393.6614, 2016 10.0.14393.6709, 2016 10.0.14393.6796, 2016 10.0.14393.6800, 2016 10.0.14393.6897, 2016 10.0.14393.6981, 2016 10.0.14393.7070, 2016 10.0.14393.7159, 2016 10.0.14393.7259, 2016 10.0.14393.7336, 2016 10.0.14393.7428, 2016 10.0.14393.7515, 2016 10.0.14393.7606, 2016 10.0.14393.7699, 2016 10.0.14393.7785, 2016 10.0.14393.7876, 2016 10.0.14393.7969, 2016 10.0.14393.7970, 2019 10.0.17763.1, 2019 10.0.17763.55, 2019 10.0.17763.107, 2019 10.0.17763.134, 2019 10.0.17763.168, 2019 10.0.17763.194, 2019 10.0.17763.195, 2019 10.0.17763.253, 2019 10.0.17763.292, 2019 10.0.17763.316, 2019 10.0.17763.348, 2019 10.0.17763.379, 2019 10.0.17763.404, 2019 10.0.17763.437, 2019 10.0.17763.439, 2019 10.0.17763.475, 2019 10.0.17763.503, 2019 10.0.17763.504, 2019 10.0.17763.529, 2019 10.0.17763.557, 2019 10.0.17763.592, 2019 10.0.17763.593, 2019 10.0.17763.615, 2019 10.0.17763.652, 2019 10.0.17763.678, 2019 10.0.17763.720, 2019 10.0.17763.737, 2019 10.0.17763.740, 2019 10.0.17763.774, 2019 10.0.17763.775, 2019 10.0.17763.805, 2019 10.0.17763.832, 2019 10.0.17763.864, 2019 10.0.17763.914, 2019 10.0.17763.973, 2019 10.0.17763.1012, 2019 10.0.17763.1039, 2019 10.0.17763.1075, 2019 10.0.17763.1098, 2019 10.0.17763.1131, 2019 10.0.17763.1132, 2019 10.0.17763.1158, 2019 10.0.17763.1192, 2019 10.0.17763.1217, 2019 10.0.17763.1282, 2019 10.0.17763.1294, 2019 10.0.17763.1339, 2019 10.0.17763.1369, 2019 10.0.17763.1397, 2019 10.0.17763.1432, 2019 10.0.17763.1457, 2019 10.0.17763.1490, 2019 10.0.17763.1518, 2019 10.0.17763.1554, 2019 10.0.17763.1577, 2019 10.0.17763.1579, 2019 10.0.17763.1613, 2019 10.0.17763.1637, 2019 10.0.17763.1697, 2019 10.0.17763.1728, 2019 10.0.17763.1757, 2019 10.0.17763.1790, 2019 10.0.17763.1817, 2019 10.0.17763.1821, 2019 10.0.17763.1823, 2019 10.0.17763.1852, 2019 10.0.17763.1879, 2019 10.0.17763.1911, 2019 10.0.17763.1935, 2019 10.0.17763.1971, 2019 10.0.17763.1999, 2019 10.0.17763.2028, 2019 10.0.17763.2029, 2019 10.0.17763.2061, 2019 10.0.17763.2090, 2019 10.0.17763.2091, 2019 10.0.17763.2114, 2019 10.0.17763.2145, 2019 10.0.17763.2183, 2019 10.0.17763.2213, 2019 10.0.17763.2237, 2019 10.0.17763.2268, 2019 10.0.17763.2300, 2019 10.0.17763.2305, 2019 10.0.17763.2330, 2019 10.0.17763.2366, 2019 10.0.17763.2369, 2019 10.0.17763.2452, 2019 10.0.17763.2458, 2019 10.0.17763.2510, 2019 10.0.17763.2565, 2019 10.0.17763.2628, 2019 10.0.17763.2686, 2019 10.0.17763.2746, 2019 10.0.17763.2803, 2019 10.0.17763.2867, 2019 10.0.17763.2928, 2019 10.0.17763.2931, 2019 10.0.17763.2989, 2019 10.0.17763.3046, 2019 10.0.17763.3113, 2019 10.0.17763.3165, 2019 10.0.17763.3232, 2019 10.0.17763.3287, 2019 10.0.17763.3346, 2019 10.0.17763.3406, 2019 10.0.17763.3469, 2019 10.0.17763.3532, 2019 10.0.17763.3534, 2019 10.0.17763.3650, 2019 10.0.17763.3653, 2019 10.0.17763.3770, 2019 10.0.17763.3772, 2019 10.0.17763.3887, 2019 10.0.17763.4010, 2019 10.0.17763.4131, 2019 10.0.17763.4252, 2019 10.0.17763.4377, 2019 10.0.17763.4499, 2019 10.0.17763.4645, 2019 10.0.17763.4737, 2019 10.0.17763.4851, 2019 10.0.17763.4974, 2019 10.0.17763.5122, 2019 10.0.17763.5206, 2019 10.0.17763.5329, 2019 10.0.17763.5458, 2019 10.0.17763.5576, 2019 10.0.17763.5579, 2019 10.0.17763.5696, 2019 10.0.17763.5820, 2019 10.0.17763.5936, 2019 10.0.17763.6054, 2019 10.0.17763.6189, 2019 10.0.17763.6293, 2019 10.0.17763.6414, 2019 10.0.17763.6532, 2019 10.0.17763.6659, 2019 10.0.17763.6775, 2019 10.0.17763.6893, 2019 10.0.17763.7009, 2019 10.0.17763.7136, 2019 10.0.17763.7137, 2022 10.0.20348.202, 2022 10.0.20348.230, 2022 10.0.20348.261, 2022 10.0.20348.288, 2022 10.0.20348.320, 2022 10.0.20348.350, 2022 10.0.20348.380, 2022 10.0.20348.405, 2022 10.0.20348.407, 2022 10.0.20348.469, 2022 10.0.20348.473, 2022 10.0.20348.502, 2022 10.0.20348.524, 2022 10.0.20348.558, 2022 10.0.20348.587, 2022 10.0.20348.617, 2022 10.0.20348.643, 2022 10.0.20348.681, 2022 10.0.20348.707, 2022 10.0.20348.709, 2022 10.0.20348.740, 2022 10.0.20348.768, 2022 10.0.20348.803, 2022 10.0.20348.825, 2022 10.0.20348.859, 2022 10.0.20348.887, 2022 10.0.20348.946, 2022 10.0.20348.1006, 2022 10.0.20348.1070, 2022 10.0.20348.1129, 2022 10.0.20348.1131, 2022 10.0.20348.1194, 2022 10.0.20348.1249, 2022 10.0.20348.1251, 2022 10.0.20348.1311, 2022 10.0.20348.1366, 2022 10.0.20348.1368, 2022 10.0.20348.1487, 2022 10.0.20348.1547, 2022 10.0.20348.1607, 2022 10.0.20348.1668, 2022 10.0.20348.1726, 2022 10.0.20348.1787, 2022 10.0.20348.1850, 2022 10.0.20348.1906, 2022 10.0.20348.1970, 2022 10.0.20348.2031, 2022 10.0.20348.2113, 2022 10.0.20348.2159, 2022 10.0.20348.2227, 2022 10.0.20348.2322, 2022 10.0.20348.2333, 2022 10.0.20348.2340, 2022 10.0.20348.2342, 2022 10.0.20348.2402, 2022 10.0.20348.2458, 2022 10.0.20348.2461, 2022 10.0.20348.2522, 2022 10.0.20348.2527, 2022 10.0.20348.2582, 2022 10.0.20348.2655, 2022 10.0.20348.2695, 2022 10.0.20348.2700, 2022 10.0.20348.2762, 2022 10.0.20348.2849, 2022 10.0.20348.2908, 2022 10.0.20348.2966, 2022 10.0.20348.3091, 2022 10.0.20348.3148, 2022 10.0.20348.3207, 2022 10.0.20348.3270, 2022 10.0.20348.3328, 2022 10.0.20348.3454, 2025 10.0.26100.1742, 2025 10.0.26100.2240, 2025 10.0.26100.2314, 2025 10.0.26100.2528, 2025 10.0.26100.2605, 2025 10.0.26100.2894, 2025 10.0.26100.3107, 2025 10.0.26100.3194, 2025 10.0.26100.3403, 2025 10.0.26100.3476, 2025 10.0.26100.3775
External links
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-30394
https://www.zerodayinitiative.com/advisories/ZDI-25-334/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
