CVE-2025-47969
Published: 2025-06-10
CVE-2025-47969: Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.
Priority P4 · 18 · medium · 4.4 · CVSS 3.1
AV:L · AC:L · PR:H · UI:N · S:U · C:H · I:N · A:N
EPSS: 0.58% (43.0th percentile)
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_23h2 | < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_24h2 | < 10.0.26100.3981 | 10.0.26100.3981 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2025 | < 10.0.26100.3981 | 10.0.26100.3981 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvd · v3.1 · 4.4 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vendor_msrc · 4.4 MEDIUM
GHSA
GHSA-36wp-r9w6-8qw8: Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally
ghsa_unreviewed·2025-06-10
CVE-2025-47969 [MEDIUM] CWE-200 GHSA-36wp-r9w6-8qw8: Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally
Microsoft
Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
vendor_msrc·2025-06-10·CVSS 4.4
CVE-2025-47969 [MEDIUM] CWE-200 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Description: Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secrets or privileged information belonging to the user of the affected application.
Windows Hello: Windows Hello
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Information Disclosure
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5058405
Re
No detection rules found.
No public exploits indexed.
Published: 2025-06-10