CVE-2025-53131Heap-based Buffer Overflow in Microsoft Windows 10 Version 1809

CWE-122Heap-based Buffer OverflowCWE-476NULL Pointer Dereference12 documents6 sources
Severity
8.8HIGHNVD
OSV5.5
EPSS
0.1%
top 70.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Microsoft Windows 10 Version 1809Microsoft Windows 10 Version 21h2Microsoft Windows 10 Version 22h2+15 more
Timeline
PublishedAug 12
Latest updateSep 24

Description

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages18 packages

NVDmicrosoft/windows< 10.0.17763.7678+3
NVDmicrosoft/windows_10_1809< 10.0.17763.7678
NVDmicrosoft/windows_10_21h2< 10.0.19044.6216
NVDmicrosoft/windows_10_22h2< 10.0.19045.6216
NVDmicrosoft/windows_11_22h2< 10.0.22621.5768

🔴Vulnerability Details

8
OSV
linux-aws-fips vulnerabilities2025-09-24
OSV
linux-fips, linux-azure-fips, linux-gcp-fips vulnerabilities2025-09-17
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities2025-09-17
OSV
linux-aws vulnerabilities2025-09-02
OSV
linux-fips vulnerabilities2025-08-28

📋Vendor Advisories

2
Microsoft
Windows Media Remote Code Execution Vulnerability2025-08-12
Microsoft
nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint2024-12-10

🕵️Threat Intelligence

1
Bleepingcomputer
Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws2025-08-12
CVE-2025-53131 — Heap-based Buffer Overflow | cvebase