CVE-2025-24052

CWE-121 — Stack-based Buffer Overflow4 documents4 sources

Severity

7.8HIGH

EPSS

0.1%

top 76.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Version 1507 Microsoft Windows 10 Version 1607 Microsoft Windows 10 Version 1809 +32 more

Timeline

PublishedOct 14

Description

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages34 packages

▶NVDmicrosoft/windows< 10.0.17763.7919+4

▶NVDmicrosoft/windows_10_1507< 10.0.10240.21161

▶NVDmicrosoft/windows_10_1607< 10.0.14393.8519

▶NVDmicrosoft/windows_10_1809< 10.0.17763.7919

▶NVDmicrosoft/windows_10_21h2< 10.0.19044.6456

🔴Vulnerability Details

CVEList

Windows Agere Modem Driver Elevation of Privilege Vulnerability↗2025-10-14

▶

GHSA

GHSA-2m9g-5j83-7rj2: Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems↗2025-10-14

▶

📋Vendor Advisories

Microsoft

Windows Agere Modem Driver Elevation of Privilege Vulnerability↗2025-10-14

▶