Windowsforum
Multiple CVEs Affect Windows RRAS with Remote Code Execution Vulnerabilities
First seen 10 Mar 2026, 17:28 UTC
•



+7
•87% similarity
•72.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Three critical vulnerabilities have been identified in the Windows Routing and Remote Access Service (RRAS), allowing both unauthorized and authorized attackers to execute code over a network. CVE-2026-25172 and CVE-2026-26111 enable unauthorized access, while CVE-2026-25173 permits authorized attackers to exploit the same weakness. All three vulnerabilities were published on March 10, 2026.
ThreatCluster AI
Timeline
2026-03-10
CVE-2026-25172 published
2026-03-10
CVE-2026-25173 published
2026-03-10
CVE-2026-26111 published