What is the severity of CVE-2025-27482?

The severity of CVE-2025-27482 is classified as critical due to the potential for unauthorized code execution.

How do I fix CVE-2025-27482?

To fix CVE-2025-27482, apply the latest security patches provided by Microsoft for the affected Windows Server versions.

What products are affected by CVE-2025-27482?

CVE-2025-27482 affects several versions of Windows Server including 2016, 2019, 2022, and 2025.

What are the potential impacts of CVE-2025-27482?

The potential impacts of CVE-2025-27482 include unauthorized access to sensitive data and remote code execution.

Is there a workaround for CVE-2025-27482?

There are no publicly documented workarounds for CVE-2025-27482; applying patches is the recommended mitigation.

Vulnerability/
CVE-2025-27482

Exploited

high

8.1

CWE

591 416

8/4/2025

12/4/2025

CVE-2025-27482: Windows Remote Desktop Services Remote Code Execution Vulnerability

First published: Tue Apr 08 2025(Updated: )

<p>Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.</p>

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2022 23H2		fix available externally
Microsoft Windows Server 2025		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2022		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2022		fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows Server 2025		fix available externally
		fix available externally
		fix available externally
		fix available externally

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2025-27482?
The severity of CVE-2025-27482 is classified as critical due to the potential for unauthorized code execution.
How do I fix CVE-2025-27482?
To fix CVE-2025-27482, apply the latest security patches provided by Microsoft for the affected Windows Server versions.
What products are affected by CVE-2025-27482?
CVE-2025-27482 affects several versions of Windows Server including 2016, 2019, 2022, and 2025.
What are the potential impacts of CVE-2025-27482?
The potential impacts of CVE-2025-27482 include unauthorized access to sensitive data and remote code execution.
Is there a workaround for CVE-2025-27482?
There are no publicly documented workarounds for CVE-2025-27482; applying patches is the recommended mitigation.

collector/msrc-cve
source/Microsoft
agent/title
agent/type
agent/software-canonical-lookup
agent/first-publish-date
collector/msrc
agent/softwarecombine
agent/author
agent/description
collector/the-register
source/The Register
alias/CVE-2025-29824
alias/CVE-2025-29809
alias/CVE-2025-26663
alias/CVE-2025-26670
alias/CVE-2025-27480
alias/CVE-2025-27482
alias/CVE-2024-21969
alias/CVE-2024-0179
alias/CVE-2024-21925
alias/CVE-2024-56161
alias/CVE-2024-36347
alias/CVE-2023-4969
alias/CVE-2025-0014
alias/CVE-2024-36337
alias/CVE-2024-36328
alias/CVE-2024-36336
agent/references
agent/source
agent/weakness
agent/severity
agent/event
agent/trending
agent/tags
collector/nvd-api
source/NVD
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/news-ai
exploited/true
vendor/microsoft
canonical/microsoft windows server 2022 23h2
canonical/microsoft windows server 2025
canonical/microsoft windows server 2016
canonical/microsoft windows server 2022
canonical/microsoft windows server 2019