An update released on October 14, 2025, highlights a critical elevation of privilege vulnerability in the Windows Remote Access Connection Manager component.
Tracked as CVE-2025-59230 and assigned by Microsoft, this flaw stems from improper access control (CWE-284) that can be weaponized by a local attacker with minimal privileges.
Overview of the Vulnerability
The Remote Access Connection Manager service is responsible for establishing and managing dial-up and virtual private network connections on Windows systems.
In this instance, insufficient checks in the access control logic enable an attacker to manipulate service behavior and escalate privileges.
According to Microsoft’s advisory, the weakness allows an authorized local user—one who already has a valid account on the system—to gain SYSTEM rights, effectively taking full control of the machine.
- The service fails to validate certain security tokens before performing privileged operations.
- Attackers can trigger the flaw using standard user-level API calls.
- No user interaction is required beyond running a crafted local script.
Impact and Exploitation Details
With a CVSS v3.1 base score of 7.8 (temporal score of 7.2), the vulnerability is classified with a “Low” attack complexity and “Low” privilege requirement, demanding no user interaction.
Notices indicate that proof-of-concept exploit code is functional and that exploitation has already been detected in the wild. Although the scope of compromise remains within the same security context, the impact dimensions are severe: confidentiality, integrity, and availability are all rated “High.” Exploitation can lead to:
- Complete system takeover under the SYSTEM account.
- Exposure of sensitive files and credentials.
- Installation of persistent malware that evades user-level defenses.
Mitigation and Patching Guidance
Microsoft has released an official security update to address CVE-2025-59230. Administrators are urged to review the Microsoft Support Lifecycle to confirm that their Windows installations are still within the supported update window, then apply the patches without delay.
In environments where immediate patching is not feasible, elevating monitoring of local privilege-use events and auditing Remote Access Connection Manager logs can help detect exploitation attempts.
Enabling enhanced endpoint protection features, such as restricting access to key system services and hardening user privilege assignments, may further reduce risk until updates are deployed.
Organizations relying on remote connectivity features should prioritize deployment of the October 2025 security updates and verify successful installation across all affected endpoints.
Regular review of Microsoft’s Threat Intelligence Center advisories and the MSRC exploitability index can provide ongoing insights into emerging attack trends and recommended safeguards.
| Product | Release Date | Impact | Severity | KB Article(s) | Download Link | Build Number |
|---|---|---|---|---|---|---|
| Windows 10 Version 1607 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066836 | Security Update | 10.0.14393[.]8519 |
| Windows 10 Version 1607 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066836 | Security Update | 10.0.14393[.]8519 |
| Windows 10 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066837 | Security Update | 10.0.10240[.]21161 |
| Windows 10 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066837 | Security Update | 10.0.10240[.]21161 |
| Windows Server 2025 | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26100[.]6899 |
| Windows 11 Version 24H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26100[.]6899 |
| Windows 10 Version 1809 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066586 | Security Update | 10.0.17763[.]7919 |
| Windows 10 Version 1809 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066586 | Security Update | 10.0.17763[.]7919 |
| Windows Server 2012 R2 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066873 | Monthly Rollup | 6.3.9600[.]22824 |
| Windows Server 2012 R2 | Oct 14, 2025 | Elevation of Privilege | Important | 5066873 | Monthly Rollup | 6.3.9600[.]22824 |
| Windows Server 2012 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066875 | Monthly Rollup | 6.2.9200[.]25722 |
| Windows Server 2012 | Oct 14, 2025 | Elevation of Privilege | Important | 5066875 | Monthly Rollup | 6.2.9200[.]25722 |
| Windows Server 2008 R2 SP1 (Server Core, x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066872, 5066876 | Monthly Rollup / Security Only | 6.1.7601[.]27974 |
| Windows Server 2008 R2 SP1 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066872, 5066876 | Monthly Rollup / Security Only | 6.1.7601[.]27974 |
| Windows Server 2008 SP2 (Server Core, x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066874, 5066877 | Monthly Rollup / Security Only | 6.0.6003[.]23571 |
| Windows Server 2008 SP2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066874, 5066877 | Monthly Rollup / Security Only | 6.0.6003[.]23571 |
| Windows Server 2008 SP2 (Server Core, 32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066874, 5066877 | Monthly Rollup / Security Only | 6.0.6003[.]23571 |
| Windows Server 2008 SP2 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066874, 5066877 | Monthly Rollup / Security Only | 6.0.6003[.]23571 |
| Windows Server 2016 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066836 | Security Update | 10.0.14393[.]8519 |
| Windows Server 2016 | Oct 14, 2025 | Elevation of Privilege | Important | 5066836 | Security Update | 10.0.14393[.]8519 |
| Windows 11 Version 24H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26100[.]6899 |
| Windows Server 2022 23H2 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066780 | Security Update | 10.0.25398[.]1913 |
| Windows 11 Version 23H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066793 | Security Update | 10.0.22631[.]6060 |
| Windows 11 Version 23H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066793 | Security Update | 10.0.22631[.]6060 |
| Windows 11 Version 25H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26200[.]6899 |
| Windows 11 Version 25H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26200[.]6899 |
| Windows Server 2025 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066835 | Security Update | 10.0.26100[.]6899 |
| Windows 10 Version 22H2 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19045[.]6456 |
| Windows 10 Version 22H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19045[.]6456 |
| Windows 10 Version 22H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19045[.]6456 |
| Windows 11 Version 22H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066793 | Security Update | 10.0.22621[.]6060 |
| Windows 11 Version 22H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066793 | Security Update | 10.0.22621[.]6060 |
| Windows 10 Version 21H2 (x64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19044[.]6456 |
| Windows 10 Version 21H2 (ARM64) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19044[.]6456 |
| Windows 10 Version 21H2 (32-bit) | Oct 14, 2025 | Elevation of Privilege | Important | 5066791 | Security Update | 10.0.19044[.]6456 |
| Windows Server 2022 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066782 | Security Update | 10.0.20348[.]4294 |
| Windows Server 2022 | Oct 14, 2025 | Elevation of Privilege | Important | 5066782 | Security Update | 10.0.20348[.]4294 |
| Windows Server 2019 (Server Core) | Oct 14, 2025 | Elevation of Privilege | Important | 5066586 | Security Update | 10.0.17763[.]7919 |
| Windows Server 2019 | Oct 14, 2025 | Elevation of Privilege | Important | 5066586 | Security Update | 10.0.17763[.]7919 |
Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates
.webp?resize=1068,580&ssl=1&description=An update released on October 14, 2025, highlights a critical elevation of privilege vulnerability in the Windows Remote Access Connection Manager component.){kind=link}