Microsoft Autoupdate vulnerabilities

7 known vulnerabilities affecting microsoft/autoupdate.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7

Vulnerabilities

Page 1 of 1
CVE-2025-55317HIGHCVSS 7.8fixed in 4.802025-09-09
CVE-2025-55317 [HIGH] CWE-59 CVE-2025-55317: Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-47968HIGHCVSS 7.8fixed in 4.792025-06-10
CVE-2025-47968 [HIGH] CWE-20 CVE-2025-47968: Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate pri Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-29800HIGHCVSS 7.8fixed in 4.782025-04-08
CVE-2025-29800 [HIGH] CWE-269 CVE-2025-29800: Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-29801HIGHCVSS 7.8fixed in 4.782025-04-08
CVE-2025-29801 [HIGH] CWE-276 CVE-2025-29801: Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-24036HIGHCVSS 7.0fixed in 4.77.241219242025-02-11
CVE-2025-24036 [HIGH] CWE-367 CVE-2025-24036: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
nvd
CVE-2025-21360HIGHCVSS 7.8fixed in 4.762025-01-14
CVE-2025-21360 [HIGH] CWE-269 CVE-2025-21360: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
nvd
CVE-2024-43492HIGHCVSS 7.8fixed in 4.722024-09-10
CVE-2024-43492 [HIGH] CWE-284 CVE-2024-43492: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
nvd