CVE-2025-48821: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

high7.1CVSS 3.1

AVAACHPRLUINSUCHIHAH

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Affected

47 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10_1507	< 10.0.10240.21073	10.0.10240.21073
microsoft	windows_10_1607	< 10.0.14393.8246	10.0.14393.8246
microsoft	windows_10_1809	< 10.0.17763.7558	10.0.17763.7558
microsoft	windows_10_21h2	< 10.0.19044.6093	10.0.19044.6093
microsoft	windows_10_22h2	< 10.0.19045.6093	10.0.19045.6093
microsoft	windows_10_version_1507	>= 10.0.10240.0 < 10.0.10240.21073	10.0.10240.21073
microsoft	windows_10_version_1607	>= 10.0.14393.0 < 10.0.14393.8246	10.0.14393.8246
microsoft	windows_10_version_1809	>= 10.0.17763.0 < 10.0.17763.7558	10.0.17763.7558
microsoft	windows_10_version_21h2	>= 10.0.19044.0 < 10.0.19044.6093	10.0.19044.6093
microsoft	windows_10_version_22h2	>= 10.0.19045.0 < 10.0.19045.6093	10.0.19045.6093
microsoft	windows_11_22h2	< 10.0.22621.5624	10.0.22621.5624
microsoft	windows_11_23h2	< 10.0.22631.5624	10.0.22631.5624
microsoft	windows_11_24h2	< 10.0.26100.4652	10.0.26100.4652
microsoft	windows_11_version_22h2	>= 10.0.22621.0 < 10.0.22621.5624	10.0.22621.5624
microsoft	windows_11_version_22h3	>= 10.0.22631.0 < 10.0.22631.5624	10.0.22631.5624
microsoft	windows_11_version_23h2	>= 10.0.22631.0 < 10.0.22631.5624	10.0.22631.5624
microsoft	windows_11_version_24h2	>= 10.0.26100.0 < 10.0.26100.4652	10.0.26100.4652
microsoft	windows_server_2008	—	—
microsoft	windows_server_2008_r2_service_pack_1	>= 6.1.7601.0 < 6.1.7601.27820	6.1.7601.27820
microsoft	windows_server_2008_service_pack_2	>= 6.0.6003.0 < 6.0.6003.23418	6.0.6003.23418
microsoft	windows_server_2012	—	—
microsoft	windows_server_2012	>= 6.2.9200.0 < 6.2.9200.25573	6.2.9200.25573
microsoft	windows_server_2012_r2	>= 6.3.9600.0 < 6.3.9600.22676	6.3.9600.22676
microsoft	windows_server_2016	< 10.0.14393.8246	10.0.14393.8246
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.8246	10.0.14393.8246