CVE-2025-24072
published 2025-03-11CVE-2025-24072: Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.20947 | 10.0.10240.20947 |
| microsoft | windows_10_1607 | < 10.0.14393.7876 | 10.0.14393.7876 |
| microsoft | windows_10_1809 | < 10.0.17763.7009 | 10.0.17763.7009 |
| microsoft | windows_10_21h2 | < 10.0.19044.5608 | 10.0.19044.5608 |
| microsoft | windows_10_22h2 | < 10.0.19045.5608 | 10.0.19045.5608 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20947 | 10.0.10240.20947 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7876 | 10.0.14393.7876 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7009 | 10.0.17763.7009 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5608 | 10.0.19044.5608 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5608 | 10.0.19045.5608 |
| microsoft | windows_11_22h2 | < 10.0.22621.5039 | 10.0.22621.5039 |
| microsoft | windows_11_23h2 | < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_24h2 | < 10.0.26100.3403 | 10.0.26100.3403 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5039 | 10.0.22621.5039 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3476 | 10.0.26100.3476 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27618 | 6.1.7601.27618 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.23168 | 6.0.6003.23168 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25368 | 6.2.9200.25368 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22470 | 6.3.9600.22470 |
| microsoft | windows_server_2016 | < 10.0.14393.7876 | 10.0.14393.7876 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7876 | 10.0.14393.7876 |