cbcvebase.
CVE-2025-53805
published 2025-09-09

CVE-2025-53805: Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.

Affected

21 ranges
VendorProductVersion rangeFixed in
microsoftwindows_11_22h2< 10.0.22621.590910.0.22621.5909
microsoftwindows_11_23h2< 10.0.22631.590910.0.22631.5909
microsoftwindows_11_24h2< 10.0.26100.650810.0.26100.6508
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.590910.0.22621.5909
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.590910.0.22631.5909
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.590910.0.22631.5909
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.658410.0.26100.6584
microsoftwindows_server_2022< 10.0.20348.410610.0.20348.4106
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.417110.0.20348.4171
microsoftwindows_server_2022_23h2< 10.0.25398.184910.0.25398.1849
microsoftwindows_server_2025< 10.0.26100.650810.0.26100.6508
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.658410.0.26100.6584
msrcwindows_11_version_22h2_for_arm64-based_systems
msrcwindows_11_version_22h2_for_x64-based_systems
msrcwindows_11_version_23h2_for_arm64-based_systems
msrcwindows_11_version_23h2_for_x64-based_systems
msrcwindows_11_version_24h2_for_arm64-based_systems
msrcwindows_11_version_24h2_for_x64-based_systems
msrcwindows_server_2022
msrcwindows_server_2022_23h2_edition
msrcwindows_server_2025