CVE-2025-53789
published 2025-08-12CVE-2025-53789: Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.21073 | 10.0.10240.21073 |
| microsoft | windows_10_1607 | < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_10_1809 | < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_10_21h2 | < 10.0.19044.6093 | 10.0.19044.6093 |
| microsoft | windows_10_22h2 | < 10.0.19045.6093 | 10.0.19045.6093 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.21073 | 10.0.10240.21073 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6093 | 10.0.19044.6093 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19044.6093 | 10.0.19044.6093 |
| microsoft | windows_11_22h2 | < 10.0.22621.5624 | 10.0.22621.5624 |
| microsoft | windows_11_23h2 | <= 10.0.22631.5624 | — |
| microsoft | windows_11_24h2 | < 10.0.26100.4652 | 10.0.26100.4652 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22631.5624 | 10.0.22631.5624 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5624 | 10.0.22631.5624 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22621.5624 | 10.0.22621.5624 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4652 | 10.0.26100.4652 |
| microsoft | windows_server_2016 | < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8246 | 10.0.14393.8246 |
| microsoft | windows_server_2019 | < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7558 | 10.0.17763.7558 |
| microsoft | windows_server_2022 | < 10.0.20348.3932 | 10.0.20348.3932 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3932 | 10.0.20348.3932 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1732 | 10.0.25398.1732 |
| microsoft | windows_server_2025 | < 10.0.26100.4652 | 10.0.26100.4652 |