14Oca
CVE-2025-21309 | Microsoft Windows Server 2012 up to Server 2022 23H2 Remote Desktop Services sensitive data storage in improperly locked memory
A vulnerability classified as critical was found in Microsoft Windows Server 2012 up to Server 2022 23H2. This vulnerability affects unknown code of the component Remote Desktop Services. The manipulation leads to sensitive data storage in improperly locked memory. This vulnerability was named CVE-2025-21309. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.