Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2025-49677Use After Free in Microsoft Windows 11 Version 22h2

CWE-416Use After Free7 documents6 sources
Severity
7.0HIGHNVD
EPSS
2.4%
top 14.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Windows 11 Version 22h2Microsoft Windows 11 22h2
Timeline
PublishedJul 8
Latest updateJul 16

Description

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/windows_11_22h2< 10.0.22621.5624
CVEListV5microsoft/windows_11_version_22h210.0.22621.010.0.22621.5624

🔴Vulnerability Details

2
CVEList
Microsoft Brokering File System Elevation of Privilege Vulnerability2025-07-08
GHSA
GHSA-69q2-qmcc-6rh3: Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally2025-07-08

💥Exploits & PoCs

1
Exploit-DB
Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege2025-07-16

📋Vendor Advisories

1
Microsoft
Microsoft Brokering File System Elevation of Privilege Vulnerability2025-07-08

🕵️Threat Intelligence

2
Qualys
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review | Qualys2025-07-08
Qualys
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review2025-07-08
CVE-2025-49677 — Use After Free in Microsoft | cvebase