CVE-2025-59278
published 2025-10-14CVE-2025-59278: Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.21161 | 10.0.10240.21161 |
| microsoft | windows_10_1607 | < 10.0.14393.8519 | 10.0.14393.8519 |
| microsoft | windows_10_1809 | < 10.0.17763.7919 | 10.0.17763.7919 |
| microsoft | windows_10_21h2 | < 10.0.19044.6456 | 10.0.19044.6456 |
| microsoft | windows_10_22h2 | < 10.0.19045.6456 | 10.0.19045.6456 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.21161 | 10.0.10240.21161 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8519 | 10.0.14393.8519 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7919 | 10.0.17763.7919 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6456 | 10.0.19044.6456 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6456 | 10.0.19045.6456 |
| microsoft | windows_11_22h2 | < 10.0.22621.6060 | 10.0.22621.6060 |
| microsoft | windows_11_23h2 | < 10.0.22631.6060 | 10.0.22631.6060 |
| microsoft | windows_11_24h2 | < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.6060 | 10.0.22621.6060 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6060 | 10.0.22631.6060 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6060 | 10.0.22631.6060 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27974 | 6.1.7601.27974 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.23571 | 6.0.6003.23571 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25722 | 6.2.9200.25722 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22824 | 6.3.9600.22824 |
| microsoft | windows_server_2016 | < 10.0.14393.8519 | 10.0.14393.8519 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8519 | 10.0.14393.8519 |