CVE-2025-21309 - Microsoft Windows Server 2012, Microsoft Windows Server 2016 and Microsoft Windows Server 2022

Critical 8.1

Windows Remote Desktop Services Remote Code Execution Vulnerability

Affected software

Microsoft Windows Server 2012

Microsoft Windows Server 2016

Microsoft Windows Server 2022

Microsoft Windows Server 2019

Microsoft Windows Server 2025

Microsoft Windows Server 2022 23h2

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.