CVE-2025-24994
Published 2025-03-11
CVE-2025-24994: Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Priority P3 · 40 · high · 7.3 CVSS 3.1
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS: 1.17% (63.2th percentile)
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.5039 | 10.0.22621.5039 |
| microsoft | windows_11_23h2 | < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_24h2 | < 10.0.26100.3403 | 10.0.26100.3403 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5039 | 10.0.22621.5039 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5039 | 10.0.22631.5039 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3476 | 10.0.26100.3476 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
CVSS provenance
nvd · v3.1 · 7.3 · HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
vendor_msrc · 7.3 · HIGH
GHSA
GHSA-w95m-f858-6462: Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-03-11
CVE-2025-24994 [HIGH] CWE-284 GHSA-w95m-f858-6462: Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally
Microsoft
Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability
vendor_msrc·2025-03-11·CVSS 7.3
CVE-2025-24994 [HIGH] CWE-284 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability
Description: Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
FAQ: How could an attacker exploit this vulnerability?
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then trigger an event that could exploit the vulnerability and save an invalid state to a database or trigger other unintended actions.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L).
No detection rules found.
No public exploits indexed.
2025-03-11
Published