CVE-2025-59215Use After Free in Microsoft Windows 11 Version 24h2

CWE-416Use After Free4 documents4 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 92.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 11 Version 24h2Microsoft Windows Server 2025Microsoft Windows 11 24h2
Timeline
PublishedSep 18
Latest updateSep 19

Description

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages4 packages

NVDmicrosoft/windows< 10.0.26100.6508
NVDmicrosoft/windows_11_24h2< 10.0.26100.6508
CVEListV5microsoft/windows_server_202510.0.26100.010.0.26100.6584
CVEListV5microsoft/windows_11_version_24h210.0.26100.010.0.26100.6584

🔴Vulnerability Details

2
GHSA
GHSA-x99f-m27c-qcj5: Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally2025-09-19
CVEList
Windows Graphics Component Elevation of Privilege Vulnerability2025-09-18

📋Vendor Advisories

1
Microsoft
Windows Graphics Component Elevation of Privilege Vulnerability2025-09-09
CVE-2025-59215 — Use After Free in Microsoft | cvebase