CVE-2025-29812
published 2025-04-08CVE-2025-29812: Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
PriorityP343high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.66%
46.7th percentile
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_23h2 | < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_24h2 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2022 | < 10.0.20348.3453 | 10.0.20348.3453 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3453 | 10.0.20348.3453 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1551 | 10.0.25398.1551 |
| microsoft | windows_server_2025 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-443w-gf2f-8h6x: Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-04-08
CVE-2025-29812 [HIGH] CWE-822 GHSA-443w-gf2f-8h6x: Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
Microsoft
DirectX Graphics Kernel Elevation of Privilege Vulnerability
vendor_msrc·2025-04-08·CVSS 7.8
CVE-2025-29812 [HIGH] CWE-822 DirectX Graphics Kernel Elevation of Privilege Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Description: Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Windows Kernel Memory: Windows Kernel Memory
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055526
Reference: https://support.microsoft.com/help/5055526
Reference: https://catalog.update.microsoft.com/v7/s
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-04-08·CVSS 8.1
[HIGH] Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”.
In this month's release, none of the included vulnerabilities have been observed by Microsoft to be exploited in the wild. The eleven "critical” entries are all remote code execution (RCE) vulnerabilities, four of which have been marked as "Exploitation more likely".
Two of the “critical” vulnerabilities listed affect components of the Windows Remote Desktop Services.
CVE-2025-27480 and CVE-2025-27482 are RCE vulnerabilities in components of the Remote Desktop Gateway Service. Both vulnerabilities were given a CVSS 3.1 score of 8.1. To successfully exploit these an attacker could connect to a system with
Talos
Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-04-08·CVSS 8.1
[HIGH] Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
## Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”.
In this month's release, none of the included vulnerabilities have been observed by Microsoft to be exploited in the wild. The eleven "critical” entries are all remote code execution (RCE) vulnerabilities, four of which have been marked as "Exploitation more likely".
Two of the “critical” vulnerabilities listed affect components of the Windows Remote Desktop Services.
CVE-2025-27480 and CVE-2025-27482 are RCE vulnerabilities in components of the Remote Desktop Gateway Service. Both vulnerabilities were given a CVSS 3.1
Qualys
Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review | Qualys
blogs_qualys·2025-04-08
Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for April 2025
- Adobe Patches for April 2025
- Zero-day Vulnerabilities Patched in April Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in April Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response withPatch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
- Qualys Monthly Webinar Series
Microsoft’s April 2025 Patch Tuesday has arrived, delivering critical security updates and fixes across the various products, features, and roles. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for April 2025
In this m
Bleepingcomputer
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
blogs_bleepingcomputer·2025-04-08·CVSS 7.8
[HIGH] Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
## Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
## Lawrence Abrams
49 Elevation of Privilege Vulnerabilities
9 Security Feature Bypass Vulnerabilities
31 Remote Code Execution Vulnerabilities
17 Information Disclosure Vulnerabilities
14 Denial of Service Vulnerabilities
3 Spoofing Vulnerabilities
The above numbers do not include Mariner flaws and 13 Microsoft Edge vulnerabilities fixed earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5055523 & KB5055528 cumulative updates and the Windows 10 KB5055518 update .
## One actively exploited zero-days
This month's Patch Tuesday fixes one actively exploited zero-day. Microsoft classifies a zero-day flaw as publicly disclos
Qualys
Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review
blogs_qualys·2025-04-08
Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for April 2025
Adobe Patches for April 2025
Zero-day Vulnerabilities Patched in April Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in April Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response withPatch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
Qualys Monthly Webinar Series
Microsoft’s April 2025 Patch Tuesday has arrived, delivering critical security updates and fixes across the various products, features, and roles. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for April 2025
In this month’s Patch
Zscaler
Zscaler protects against 4 new vulnerabilities | 04-08-2025
blogs_zscaler·CVSS 5.4
[MEDIUM] Zscaler protects against 4 new vulnerabilities | 04-08-2025
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2025-04-08
Published