⚠ Actively exploited
Added to CISA KEV on 2025-05-13. Federal agencies required to patch by 2025-06-03. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..
CVE-2025-30400 — Use After Free in Microsoft Windows 10 Version 1809
Severity
7.8HIGHNVD
EPSS
0.8%
top 26.76%
CISA KEV
KEV
Added 2025-05-13
Due 2025-06-03
Exploit
No known exploits
Affected products
Timeline
PublishedMay 13
KEV addedMay 13
Latest updateMay 14
KEV dueJun 3
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Description
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages17 packages
🔴Vulnerability Details
3📋Vendor Advisories
2🕵️Threat Intelligence
9Tenable▶
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)↗2025-05-13