Positive Technologies Expert Helps Close Dangerous Windows Flaw in VPN

Positive Technologies researcher Sergey Bliznyuk has identified and reported a critical security vulnerability, CVE-2025-47955, affecting 37 Microsoft products. The flaw is in the Remote Access Connection Manager service, a core Windows component responsible for managing virtual private network (VPN) connections. Rated 7.8 on the CVSS 3.1 scale, the vulnerability permits local privilege escalation, allowing attackers who gain initial access to a system to attain full administrative control.

The vulnerability impacts a notable range of Microsoft operating systems, including Windows 10 and Windows 11 desktop editions, which together hold approximately 70% of the global desktop OS market. It also affects 19 server variants, notably Windows Server 2022 and 2025, widely deployed across enterprise networks, data centers, and cloud infrastructures. Given the default-enabled status of the vulnerable service, unpatched systems face significant exposure.
Bliznyuk notes that an attacker needs only low-privileged access, such as that of a standard user or a terminal server session, to exploit the flaw and elevate privileges. This makes corporate environments especially vulnerable, where lateral movement within the network could lead to widespread compromise.
Microsoft has already fixed the issue through its regular security update cycle. Organizations unable to apply the latest patches immediately should disable the Remote Access Connection Manager service to mitigate risk.
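As an added example, not code from the article, Positive Technologies or Microsoft: a PowerShell script that audits the interim mitigation described above (whether Remote Access Connection Manager is stopped and disabled) and applies it when run with -Apply. It assumes the service's short name is RasMan and an elevated session.

```powershell
# Added example: audit and optionally enforce the interim mitigation for
# CVE-2025-47955 on hosts that cannot take the Microsoft update yet.
# Assumption: the service short name is RasMan; run elevated.
[CmdletBinding()]
param(
    [switch]$Apply   # without -Apply the script only reports
)

$serviceName = 'RasMan'   # Remote Access Connection Manager

$svc = Get-Service -Name $serviceName -ErrorAction SilentlyContinue
if (-not $svc) {
    Write-Output "$serviceName is not present on this host; nothing to do."
    return
}

# StartType is exposed by Get-Service on Windows PowerShell 5.1 and PowerShell 7.
$report = [pscustomobject]@{
    Host      = $env:COMPUTERNAME
    Service   = $serviceName
    Status    = $svc.Status
    StartType = $svc.StartType
    Mitigated = ($svc.StartType -eq 'Disabled' -and $svc.Status -eq 'Stopped')
}
$report | Format-List

if ($Apply -and -not $report.Mitigated) {
    # Record the current start type so it can be restored once the patch is installed.
    Write-Output "Previous start type: $($svc.StartType)"
    # Stopping RasMan drops any VPN connections that depend on it; -Force also
    # stops dependent services so the stop does not fail.
    Stop-Service -Name $serviceName -Force -ErrorAction Stop
    Set-Service  -Name $serviceName -StartupType Disabled
    Write-Output "Mitigation applied: $serviceName stopped and disabled."
}
elseif (-not $report.Mitigated) {
    Write-Output "Not mitigated: re-run with -Apply, or install the Microsoft update."
}
```

The mitigation is temporary: VPN connections that rely on the service stop working while it is disabled, so re-enable it with the recorded start type after the update is applied.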