Windows RasMan 0-Day (CVE-2025-59230)

Windows RasMan 0-Day (CVE-2025-59230): Actively Exploited Vulnerability Patched, But Risk Remains

CVE-2025-59230, fixed as part of Microsoft's October 2025 Patch Tuesday update, is a 0-day vulnerability that was discovered and actively exploited in the Remote Access Connection Manager (RasMan) component of Windows.

It is a local elevation of privilege (EoP) flaw that allowed attackers to gain SYSTEM-level privileges from a low-privilege user account.

Microsoft has released a patch to close this vulnerability; however, systems that have not been patched are still at serious risk.