CVE-2025-55677
Published: 2025-10-14
CVE-2025-55677: Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Priority: P3 (44) · Severity: high · CVSS 3.1 base score: 7.8
CVSS vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.38% (30.0th percentile)
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_24h2 | < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_11_25h2 | < 10.0.26200.6899 | 10.0.26200.6899 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.6899 | 10.0.26200.6899 |
| microsoft | windows_server_2025 | < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.6899 | 10.0.26100.6899 |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_x64-based_systems | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
NVD (CVSS v3.1): 7.8 HIGH, vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc: 7.8 HIGH
GHSA
GHSA-fgmc-2v94-p53g (ghsa_unreviewed, 2025-10-14): CVE-2025-55677 [HIGH] CWE-822
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Microsoft
Windows Device Association Broker Service Elevation of Privilege Vulnerability (vendor_msrc, 2025-10-14, CVSS 7.8): CVE-2025-55677 [HIGH] CWE-822
Description: Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to Local Service.
Product: Windows Device Association Broker service
Vendor: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Unlikely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5066835
Reference: h
No detection rules found.
No public exploits indexed.