CVE-2025-26677: 
vulnerability analysis and mitigation

CVE-2025-26677 is a Denial of Service vulnerability affecting the Windows Remote Desktop Gateway (RD Gateway) Service, disclosed on May 13, 2025. The vulnerability stems from uncontrolled resource consumption in the Remote Desktop Gateway Service, which allows unauthorized attackers to perform denial of service attacks over a network. The affected systems include multiple versions of Windows Server, including Server 2016, 2019, 2022, and 2025 (Wiz, NVD).

The vulnerability is classified under CWE-400 (Uncontrolled Resource Consumption) and CWE-770 (Allocation of Resources Without Limits or Throttling). It has received a CVSS v3.1 base score of 7.5 (HIGH), with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The attack vector is network-based with low attack complexity, requiring no privileges or user interaction. While the vulnerability has no impact on confidentiality or integrity, it poses a high risk to system availability (NVD, Wiz).

The primary impact of this vulnerability is on system availability, as it enables unauthorized attackers to cause denial of service conditions in the Remote Desktop Gateway Service over a network. This could significantly disrupt remote access capabilities for organizations that rely on RD Gateway services (Wiz).

Microsoft has addressed this vulnerability by releasing security patches as part of their May 2025 Patch Tuesday updates. Organizations are strongly recommended to apply these security updates immediately through Windows Update or their enterprise management tools to mitigate the risk of exploitation (Wiz).