cbcvebase.
CVE-2025-27484
published 2025-04-08

CVE-2025-27484: Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges…

high7.5CVSS 3.1
AVNACHPRLUINSUCHIHAH
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

Affected

47 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_1507< 10.0.10240.2097810.0.10240.20978
microsoftwindows_10_1607< 10.0.14393.796910.0.14393.7969
microsoftwindows_10_1809< 10.0.17763.713610.0.17763.7136
microsoftwindows_10_21h2< 10.0.19044.573710.0.19044.5737
microsoftwindows_10_22h2< 10.0.19045.573710.0.19045.5737
microsoftwindows_10_version_1507>= 10.0.10240.0 < 10.0.10240.2097810.0.10240.20978
microsoftwindows_10_version_1607>= 10.0.14393.0 < 10.0.14393.796910.0.14393.7969
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.713610.0.17763.7136
microsoftwindows_10_version_21h2>= 10.0.19044.0 < 10.0.19044.573710.0.19044.5737
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.573710.0.19045.5737
microsoftwindows_11_22h2< 10.0.22621.518910.0.22621.5189
microsoftwindows_11_23h2< 10.0.22631.518910.0.22631.5189
microsoftwindows_11_24h2< 10.0.26100.377510.0.26100.3775
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.518910.0.22621.5189
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.518910.0.22631.5189
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.518910.0.22631.5189
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.377510.0.26100.3775
microsoftwindows_server_2008
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.276706.1.7601.27670
microsoftwindows_server_2008_service_pack_2>= 6.0.6003.0 < 6.0.6003.232206.0.6003.23220
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.254236.2.9200.25423
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.225236.3.9600.22523
microsoftwindows_server_2016< 10.0.14393.796910.0.14393.7969
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.796910.0.14393.7969