CVE-2025-48000
published 2025-07-08CVE-2025-48000: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_10_1809 | < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_10_21h2 | < 10.0.19044.6093 | 10.0.19044.6093 |
| microsoft | windows_10_22h2 | < 10.0.19045.6093 | 10.0.19045.6093 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6093 | 10.0.19044.6093 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6093 | 10.0.19045.6093 |
| microsoft | windows_11_22h2 | < 10.0.22621.5624 | 10.0.22621.5624 |
| microsoft | windows_11_23h2 | < 10.0.22631.5624 | 10.0.22631.5624 |
| microsoft | windows_11_24h2 | < 10.0.26100.4652 | 10.0.26100.4652 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5624 | 10.0.22621.5624 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5624 | 10.0.22631.5624 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5624 | 10.0.22631.5624 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4652 | 10.0.26100.4652 |
| microsoft | windows_server_2016 | < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_server_2019 | < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_server_2022 | < 10.0.20348.3932 | 10.0.20348.3932 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3932 | 10.0.20348.3932 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1732 | 10.0.25398.1732 |
| microsoft | windows_server_2025 | < 10.0.26100.4652 | 10.0.26100.4652 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.4652 | 10.0.26100.4652 |
| msrc | windows_10_version_1607 | — | — |
GHSA
GHSA-qvhq-cv88-v6v3: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-07-08
CVE-2025-48000 [HIGH] CWE-362 GHSA-qvhq-cv88-v6v3: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Microsoft
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
vendor_msrc·2025-07-08·CVSS 7.8
CVE-2025-48000 [HIGH] CWE-416 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Description: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to Local Service.
Windows Connected Devices Platform Service: Windows Connected Devices Platform Service
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5062557
Reference: https://s
No detection rules found.
No public exploits indexed.
Qualys
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review | Qualys
blogs_qualys·2025-07-08
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for July 2025
- Adobe Patches for July 2025
- Zero-day Vulnerability Patched in July Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in July Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response withPatch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Audit
- Microsoft July 2025 Patch Tuesday Mitigations
- Qualys Monthly Webinar Series
With cybersecurity threats continuing to evolve, Microsoft’s July 2025 Patch Tuesday highlights the need for consistent patching — this month’s release includes key fixes for actively exploited vulnerabilities. Here’s a
Qualys
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review
blogs_qualys·2025-07-08
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for July 2025
Adobe Patches for July 2025
Zero-day Vulnerability Patched in July Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in July Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response withPatch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Audit
Microsoft July 2025 Patch Tuesday Mitigations
Qualys Monthly Webinar Series
With cybersecurity threats continuing to evolve, Microsoft’s July 2025 Patch Tuesday highlights the need for consistent patching — this month’s release includes key fixes for actively exploited vulnerabilities. Here’s a quick breakdo
2025-07-08
Published