CVE-2025-26644
published 2025-04-08
CVE-2025-26644: Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to…
Priority P4 · 23 · medium · 5.1 (CVSS 3.1)
AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS 0.50% (38.8th percentile)
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
Affected
33 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_10_21h2 | < 10.0.19044.5737 | 10.0.19044.5737 |
| microsoft | windows_10_22h2 | < 10.0.19045.5737 | 10.0.19045.5737 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5737 | 10.0.19044.5737 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5737 | 10.0.19045.5737 |
| microsoft | windows_11_22h2 | < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_23h2 | < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_24h2 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2019 | < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_server_2025 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
CVSS provenance
nvd · v3.1 · 5.1 · MEDIUM · CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
vendor_msrc · 5.1 · MEDIUM
Microsoft
Windows Hello Spoofing Vulnerability
vendor_msrc·2025-04-08·CVSS 5.1
CVE-2025-26644 [MEDIUM] CWE-1039 Windows Hello Spoofing Vulnerability
Description: Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
Windows Hello: Windows Hello
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Spoofing
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055519
Reference: https://support.microsoft.com/help/5055519
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055518
Reference: https://support.microsoft.com/help/5055518
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055528
GHSA
GHSA-2f5r-r4jx-hh42: Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attac
ghsa_unreviewed·2025-04-08
CVE-2025-26644 [MEDIUM] CWE-1039 GHSA-2f5r-r4jx-hh42: Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attac
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
No detection rules found.
No public exploits indexed.
2025-04-08: Published