CVE-2025-30394: 
vulnerability analysis and mitigation

CVE-2025-30394 is a vulnerability discovered in the Remote Desktop Gateway Service that involves sensitive data storage in improperly locked memory. The vulnerability was disclosed on May 13, 2025, affecting various versions of Microsoft Windows Server systems running Remote Desktop Gateway Service (NVD CVE, Microsoft Security).

The vulnerability is classified with CWE-591 (Sensitive Data Storage in Improperly Locked Memory) and CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization). It has been assigned a CVSS v3.1 base score of 5.9 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating that the vulnerability is network-accessible, requires high attack complexity, needs no privileges or user interaction, and can result in high availability impact (NVD CVE).

The vulnerability allows an unauthorized attacker to deny service over a network. When successfully exploited, it can lead to service disruption of the Remote Desktop Gateway Service (NVD CVE).

The vulnerability affects multiple versions of Windows Server including Server 2012, 2012 R2, 2016 (versions up to 10.0.14393.8066), 2019 (versions up to 10.0.17763.7314), 2022 (versions up to 10.0.20348.3692), 2022 23H2 (versions up to 10.0.25398.1611), and 2025 (versions up to 10.0.26100.4061) (NVD CVE).