⚠ Actively exploited
Added to CISA KEV on 2025-03-11. Federal agencies required to patch by 2025-04-01. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2025-24985Heap-based Buffer Overflow in Microsoft Windows 10 Version 1507

CWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or Wraparound17 documents13 sources
Severity
7.8HIGHNVD
EPSS
0.7%
top 27.71%
CISA KEV
KEV
Added 2025-03-11
Due 2025-04-01
Exploit
No known exploits
Affected products
27
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+24 more
Timeline
PublishedMar 11
KEV addedMar 11
Latest updateMar 12
KEV dueApr 1
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages26 packages

NVDmicrosoft/windows< 10.0.14393.7876+5
NVDmicrosoft/windows_10_1507< 10.0.10240.20947
NVDmicrosoft/windows_10_1607< 10.0.14393.7876
NVDmicrosoft/windows_10_1809< 10.0.17763.7009
NVDmicrosoft/windows_10_21h2< 10.0.19044.5608

Patches

Patch: msrc.microsoft.com

🔴Vulnerability Details

3
CVEList
Windows Fast FAT File System Driver Remote Code Execution Vulnerability2025-03-11
GHSA
GHSA-vf6f-gpmv-93m4: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally2025-03-11
VulnCheck
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability2025

📋Vendor Advisories

2
Microsoft
Windows Fast FAT File System Driver Remote Code Execution Vulnerability2025-03-11
CISA
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability2025-03-11

🕵️Threat Intelligence

11
Bleepingcomputer
Microsoft patches Windows Kernel zero-day exploited since 20232025-03-12
Krebs
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday2025-03-12
Qualys
Microsoft and Adobe Patch Tuesday, March 2025 Security Update Review2025-03-11
Talos
Microsoft Patch Tuesday for March 2025 — Snort rules and prominent vulnerabilities2025-03-11
Tenable
Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993)2025-03-11
CVE-2025-24985 — Heap-based Buffer Overflow | cvebase