CVE-2025-53801: Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.

Affected

33 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10_1507	< 10.0.10240.21128	10.0.10240.21128
microsoft	windows_10_1607	< 10.0.14393.8422	10.0.14393.8422
microsoft	windows_10_1809	< 10.0.17763.7792	10.0.17763.7792
microsoft	windows_10_21h2	< 10.0.19044.6332	10.0.19044.6332
microsoft	windows_10_22h2	< 10.0.19045.6332	10.0.19045.6332
microsoft	windows_10_version_1507	>= 10.0.10240.0 < 10.0.10240.21128	10.0.10240.21128
microsoft	windows_10_version_1607	>= 10.0.14393.0 < 10.0.14393.8422	10.0.14393.8422
microsoft	windows_10_version_1809	>= 10.0.17763.0 < 10.0.17763.7792	10.0.17763.7792
microsoft	windows_10_version_21h2	>= 10.0.19044.0 < 10.0.19044.6332	10.0.19044.6332
microsoft	windows_10_version_22h2	>= 10.0.19045.0 < 10.0.19045.6332	10.0.19045.6332
microsoft	windows_11_22h2	< 10.0.22621.5909	10.0.22621.5909
microsoft	windows_11_23h2	< 10.0.22631.5909	10.0.22631.5909
microsoft	windows_11_version_22h2	>= 10.0.22621.0 < 10.0.22621.5909	10.0.22621.5909
microsoft	windows_11_version_22h3	>= 10.0.22631.0 < 10.0.22631.5909	10.0.22631.5909
microsoft	windows_11_version_23h2	>= 10.0.22631.0 < 10.0.22631.5909	10.0.22631.5909
microsoft	windows_server_2016	< 10.0.14393.8422	10.0.14393.8422
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.8422	10.0.14393.8422
microsoft	windows_server_2019	< 10.0.17763.7792	10.0.17763.7792
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.7792	10.0.17763.7792
microsoft	windows_server_2022	< 10.0.20348.4106	10.0.20348.4106
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.4171	10.0.20348.4171
microsoft	windows_server_2022_23h2	< 10.0.25398.1849	10.0.25398.1849
msrc	windows_10	—	—
msrc	windows_10_version_1607	—	—
msrc	windows_10_version_1809	—	—