CVE-2025-59505: Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

Affected

41 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10_1607	< 10.0.14393.8594	10.0.14393.8594
microsoft	windows_10_1809	< 10.0.17763.8027	10.0.17763.8027
microsoft	windows_10_21h2	< 10.0.19044.6575	10.0.19044.6575
microsoft	windows_10_22h2	< 10.0.19045.6575	10.0.19045.6575
microsoft	windows_10_version_1607	>= 10.0.14393.0 < 10.0.14393.8594	10.0.14393.8594
microsoft	windows_10_version_1809	>= 10.0.17763.0 < 10.0.17763.8027	10.0.17763.8027
microsoft	windows_10_version_21h2	>= 10.0.19044.0 < 10.0.19044.6575	10.0.19044.6575
microsoft	windows_10_version_22h2	>= 10.0.19045.0 < 10.0.19045.6575	10.0.19045.6575
microsoft	windows_11_23h2	< 10.0.22631.6199	10.0.22631.6199
microsoft	windows_11_24h2	< 10.0.26100.7092	10.0.26100.7092
microsoft	windows_11_25h2	< 10.0.26200.7092	10.0.26200.7092
microsoft	windows_11_version_22h3	>= 10.0.22631.0 < 10.0.22631.6199	10.0.22631.6199
microsoft	windows_11_version_23h2	>= 10.0.22631.0 < 10.0.22631.6199	10.0.22631.6199
microsoft	windows_11_version_24h2	>= 10.0.26100.0 < 10.0.26100.7171	10.0.26100.7171
microsoft	windows_11_version_25h2	>= 10.0.26200.0 < 10.0.26200.7171	10.0.26200.7171
microsoft	windows_server_2012	—	—
microsoft	windows_server_2012	>= 6.2.9200.0 < 6.2.9200.25768	6.2.9200.25768
microsoft	windows_server_2012_r2	>= 6.3.9600.0 < 6.3.9600.22869	6.3.9600.22869
microsoft	windows_server_2016	< 10.0.14393.8594	10.0.14393.8594
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.8594	10.0.14393.8594
microsoft	windows_server_2019	< 10.0.17763.8027	10.0.17763.8027
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.8027	10.0.17763.8027
microsoft	windows_server_2022	< 10.0.20348.4346	10.0.20348.4346
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.4405	10.0.20348.4405
microsoft	windows_server_2022_23h2	< 10.0.25398.1965	10.0.25398.1965