CVE-2025-29964
Published 2025-05-13
CVE-2025-29964: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Priority: P3 · 52 · high · 8.8 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.85% (53.2th percentile)
Affected
30 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_10_21h2 | < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_22h2 | < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_11_22h2 | < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_23h2 | < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_24h2 | < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2019 | < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_server_2022 | < 10.0.20348.3692 | 10.0.20348.3692 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3692 | 10.0.20348.3692 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1611 | 10.0.25398.1611 |
| microsoft | windows_server_2025 | < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
CVSS provenance
nvd · v3.1 · 8.8 · HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vendor_msrc · 8.8 · HIGH
GHSA
GHSA-vm4g-9v9f-c5x3: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network
ghsa_unreviewed · 2025-05-13
CVE-2025-29964 [HIGH] CWE-122 GHSA-vm4g-9v9f-c5x3: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network
Microsoft
Windows Media Remote Code Execution Vulnerability
vendor_msrc · 2025-05-13 · CVSS 8.8
CVE-2025-29964 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability
Description: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
FAQ: How could an attacker exploit this vulnerability?
An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through convincing a user to open a malicious document, at which point the attacker could execute arbitrary code in the context of the user.
FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?
This attack requires a user to open a specially crafted file from the attacker to initiate remote code execution.
No detection rules found.
No public exploits indexed.
Published: 2025-05-13