Vulnerabilities > CVE-2025-30394 - Sensitive Data Storage in Improperly Locked Memory vulnerability in Microsoft products

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

microsoft

CWE-591

NVD

Published: 2025-05-13

Updated: 2025-05-19

Summary

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 - Microsoft Windows Server 2016 - Microsoft Windows Server 2016 10.0.14393.4467 Microsoft Windows Server 2016 10.0.14393.4530 Microsoft Windows Server 2016 10.0.14393.4583 Microsoft Windows Server 2016 10.0.14393.4651 Microsoft Windows Server 2016 10.0.14393.4704 Microsoft Windows Server 2016 10.0.14393.4770 Microsoft Windows Server 2016 10.0.14393.4886 Microsoft Windows Server 2016 10.0.14393.4946 Microsoft Windows Server 2016 10.0.14393.5066 Microsoft Windows Server 2016 10.0.14393.5125 Microsoft Windows Server 2016 10.0.14393.5192 Microsoft Windows Server 2016 10.0.14393.5246 Microsoft Windows Server 2016 10.0.14393.5291 Microsoft Windows Server 2016 10.0.14393.5356 Microsoft Windows Server 2016 10.0.14393.5427 Microsoft Windows Server 2016 10.0.14393.5501 Microsoft Windows Server 2016 10.0.14393.5582 Microsoft Windows Server 2016 10.0.14393.5648 Microsoft Windows Server 2016 10.0.14393.5717 Microsoft Windows Server 2016 10.0.14393.5850 Microsoft Windows Server 2016 10.0.14393.6085 Microsoft Windows Server 2016 10.0.14393.6167 Microsoft Windows Server 2016 10.0.14393.6351 Microsoft Windows Server 2016 10.0.14393.6452 Microsoft Windows Server 2016 10.0.14393.6614 Microsoft Windows Server 2016 10.0.14393.6796 Microsoft Windows Server 2016 10.0.14393.6897 Microsoft Windows Server 2016 10.0.14393.6981 Microsoft Windows Server 2016 10.0.14393.7070 Microsoft Windows Server 2016 10.0.14393.7159 Microsoft Windows Server 2016 10.0.14393.7259 Microsoft Windows Server 2016 10.0.14393.7336 Microsoft Windows Server 2016 10.0.14393.7428 Microsoft Windows Server 2016 10.0.14393.7515 Microsoft Windows Server 2016 10.0.14393.7606 Microsoft Windows Server 2016 10.0.14393.7876 Microsoft Windows Server 2019 - Microsoft Windows Server 2019 10.0.17763.1999 Microsoft Windows Server 2019 10.0.17763.2061 Microsoft Windows Server 2019 10.0.17763.2114 Microsoft Windows Server 2019 10.0.17763.2183 Microsoft Windows Server 2019 10.0.17763.2237 Microsoft Windows Server 2019 10.0.17763.2300 Microsoft Windows Server 2019 10.0.17763.2452 Microsoft Windows Server 2019 10.0.17763.2565 Microsoft Windows Server 2019 10.0.17763.2803 Microsoft Windows Server 2019 10.0.17763.2928 Microsoft Windows Server 2019 10.0.17763.3046 Microsoft Windows Server 2019 10.0.17763.3165 Microsoft Windows Server 2019 10.0.17763.3287 Microsoft Windows Server 2019 10.0.17763.3406 Microsoft Windows Server 2019 10.0.17763.3532 Microsoft Windows Server 2019 10.0.17763.3650 Microsoft Windows Server 2019 10.0.17763.3770 Microsoft Windows Server 2019 10.0.17763.3887 Microsoft Windows Server 2019 10.0.17763.4010 Microsoft Windows Server 2019 10.0.17763.4252 Microsoft Windows Server 2019 10.0.17763.4645 Microsoft Windows Server 2019 10.0.17763.4737 Microsoft Windows Server 2019 10.0.17763.4851 Microsoft Windows Server 2019 10.0.17763.4974 Microsoft Windows Server 2019 10.0.17763.5122 Microsoft Windows Server 2019 10.0.17763.5329 Microsoft Windows Server 2019 10.0.17763.5458 Microsoft Windows Server 2019 10.0.17763.5576 Microsoft Windows Server 2019 10.0.17763.5696 Microsoft Windows Server 2019 10.0.17763.5820 Microsoft Windows Server 2019 10.0.17763.5936 Microsoft Windows Server 2019 10.0.17763.6054 Microsoft Windows Server 2019 10.0.17763.6189 Microsoft Windows Server 2019 10.0.17763.6293 Microsoft Windows Server 2019 10.0.17763.6414 Microsoft Windows Server 2019 10.0.17763.6532 Microsoft Windows Server 2019 10.0.17763.6659 Microsoft Windows Server 2019 10.0.17763.7009 Microsoft Windows Server 2022 - Microsoft Windows Server 2022 10.0.20348.230 Microsoft Windows Server 2022 10.0.20348.261 Microsoft Windows Server 2022 10.0.20348.288 Microsoft Windows Server 2022 10.0.20348.320 Microsoft Windows Server 2022 10.0.20348.350 Microsoft Windows Server 2022 10.0.20348.380 Microsoft Windows Server 2022 10.0.20348.405 Microsoft Windows Server 2022 10.0.20348.407 Microsoft Windows Server 2022 10.0.20348.469 Microsoft Windows Server 2022 10.0.20348.473 Microsoft Windows Server 2022 10.0.20348.502 Microsoft Windows Server 2022 10.0.20348.524 Microsoft Windows Server 2022 10.0.20348.558 Microsoft Windows Server 2022 10.0.20348.587 Microsoft Windows Server 2022 10.0.20348.617 Microsoft Windows Server 2022 10.0.20348.643 Microsoft Windows Server 2022 10.0.20348.681 Microsoft Windows Server 2022 10.0.20348.707 Microsoft Windows Server 2022 10.0.20348.709 Microsoft Windows Server 2022 10.0.20348.740 Microsoft Windows Server 2022 10.0.20348.768 Microsoft Windows Server 2022 10.0.20348.770 Microsoft Windows Server 2022 10.0.20348.803 Microsoft Windows Server 2022 10.0.20348.825 Microsoft Windows Server 2022 10.0.20348.859 Microsoft Windows Server 2022 10.0.20348.887 Microsoft Windows Server 2022 10.0.20348.946 Microsoft Windows Server 2022 10.0.20348.1006 Microsoft Windows Server 2022 10.0.20348.1070 Microsoft Windows Server 2022 10.0.20348.1129 Microsoft Windows Server 2022 10.0.20348.1131 Microsoft Windows Server 2022 10.0.20348.1194 Microsoft Windows Server 2022 10.0.20348.1249 Microsoft Windows Server 2022 10.0.20348.1251 Microsoft Windows Server 2022 10.0.20348.1311 Microsoft Windows Server 2022 10.0.20348.1366 Microsoft Windows Server 2022 10.0.20348.1368 Microsoft Windows Server 2022 10.0.20348.1487 Microsoft Windows Server 2022 10.0.20348.1547 Microsoft Windows Server 2022 10.0.20348.1607 Microsoft Windows Server 2022 10.0.20348.1668 Microsoft Windows Server 2022 10.0.20348.1724 Microsoft Windows Server 2022 10.0.20348.1726 Microsoft Windows Server 2022 10.0.20348.1787 Microsoft Windows Server 2022 10.0.20348.1850 Microsoft Windows Server 2022 10.0.20348.1903 Microsoft Windows Server 2022 10.0.20348.1906 Microsoft Windows Server 2022 10.0.20348.1970 Microsoft Windows Server 2022 10.0.20348.2031 Microsoft Windows Server 2022 10.0.20348.2113 Microsoft Windows Server 2022 10.0.20348.2159 Microsoft Windows Server 2022 10.0.20348.2201 Microsoft Windows Server 2022 10.0.20348.2227 Microsoft Windows Server 2022 10.0.20348.2322 Microsoft Windows Server 2022 10.0.20348.2333 Microsoft Windows Server 2022 10.0.20348.2340 Microsoft Windows Server 2022 10.0.20348.2402 Microsoft Windows Server 2022 10.0.20348.2458 Microsoft Windows Server 2022 10.0.20348.2461 Microsoft Windows Server 2022 10.0.20348.2522 Microsoft Windows Server 2022 10.0.20348.2582 Microsoft Windows Server 2022 10.0.20348.2655 Microsoft Windows Server 2022 10.0.20348.2700 Microsoft Windows Server 2022 10.0.20348.2762 Microsoft Windows Server 2022 10.0.20348.2849 Microsoft Windows Server 2022 10.0.20348.2966 Microsoft Windows Server 2022 23H2 - Microsoft Windows Server 2022 23H2 10.0.25398.521 Microsoft Windows Server 2022 23H2 10.0.25398.531 Microsoft Windows Server 2022 23H2 10.0.25398.584 Microsoft Windows Server 2022 23H2 10.0.25398.643 Microsoft Windows Server 2022 23H2 10.0.25398.709 Microsoft Windows Server 2022 23H2 10.0.25398.763 Microsoft Windows Server 2022 23H2 10.0.25398.830 Microsoft Windows Server 2022 23H2 10.0.25398.887 Microsoft Windows Server 2022 23H2 10.0.25398.950 Microsoft Windows Server 2022 23H2 10.0.25398.1009 Microsoft Windows Server 2022 23H2 10.0.25398.1085 Microsoft Windows Server 2022 23H2 10.0.25398.1128 Microsoft Windows Server 2022 23H2 10.0.25398.1189 Microsoft Windows Server 2022 23H2 10.0.25398.1251 Microsoft Windows Server 2022 23H2 10.0.25398.1308 Microsoft Windows Server 2025 - Microsoft Windows Server 2025 10.0.26100.2314 Microsoft Windows Server 2025 10.0.26100.3107 Microsoft Windows Server 2025 10.0.26100.3403	318

Common Weakness Enumeration (CWE)

CWE-591 - Sensitive Data Storage in Improperly Locked Memory

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30394