CVE-2025-29841
Published 2025-05-13
CVE-2025-29841: Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker…
Priority P3 · 35 · high · 7 · CVSS 3.1
AV:L AC:H PR:L UI:N S:U C:H I:H A:H
EPSS: 0.33% (24.5th percentile)
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
Affected
31 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_21h2 | < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_22h2 | < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_11_22h2 | < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_23h2 | < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_24h2 | < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2022 | < 10.0.20348.3692 | 10.0.20348.3692 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3692 | 10.0.20348.3692 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1611 | 10.0.25398.1611 |
| microsoft | windows_server_2025 | < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
CVSS provenance
nvd · v3.1 · 7.0 · HIGH · CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc · 7.0 · HIGH
Microsoft
Universal Print Management Service Elevation of Privilege Vulnerability
vendor_msrc·2025-05-13·CVSS 7.0
CVE-2025-29841 [HIGH] CWE-362 Universal Print Management Service Elevation of Privilege Vulnerability
Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.
FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
Universal Print Management
GHSA
GHSA-88m4-xjxp-h8hj: Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized
ghsa_unreviewed·2025-05-13
CVE-2025-29841 [HIGH] CWE-362 GHSA-88m4-xjxp-h8hj: Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
No detection rules found.
No public exploits indexed.
Qualys
Microsoft and Adobe Patch Tuesday, May 2025 Security Update Review
blogs_qualys·2025-05-13
Microsoft’s May 2025 Patch Tuesday rolls out critical security updates, addressing multiple vulnerabilities across Windows, Office, and other key products. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for May 2025
In this month’s Patch Tuesday, Ma
Talos
Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-05-13·CVSS 8.8
CVE-2025-30397 [HIGH] Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”.
Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code execution vulnerability in the Microsoft Scripting Engine. There were also four elevation of privilege vulnerabilities being actively exploited, CVE-2025-32709, CVE-2025-30400, CVE-2025-32701 and CVE-2025-32706 affecting the Ancillary Function Driver for WinSock, the DWM Core Library and the Windows Common Log File System Driver.
The eleven “critical” entries consist of five remote code execution (RCE) vulnerabilities, four elevation of privilege vulnerabilities, one information disclosure
Bleepingcomputer
Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
blogs_bleepingcomputer·2025-05-13·CVSS 7.8
[HIGH] Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
## Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
## Lawrence Abrams
Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities.
This Patch Tuesday also fixes six "Critical" vulnerabilities, five being remote code execution vulnerabilities and another an information disclosure bug.
The number of bugs in each vulnerability category is listed below:
- 17 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 28 Remote Code Execution Vulnerabilities
- 15 Information Disclosure Vulnerabilities
- 7 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
This count does not include Azure, Dataverse, Mariner, and Microsof
Published: 2025-05-13