Microsoft Windows Server 2022 23H2 vulnerabilities

CVE-2025-49659 [HIGH] CWE-126 CVE-2025-49659: Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

CVE-2025-48805 [HIGH] CWE-122 CVE-2025-48805: Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to exec Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

CVE-2025-49724 [HIGH] CWE-416 CVE-2025-49724: Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to exec Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

CVE-2025-49726 [HIGH] CWE-416 CVE-2025-49726: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

CVE-2025-49674 [HIGH] CWE-122 CVE-2025-49674: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-48819 [HIGH] CWE-591 CVE-2025-48819: Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

CVE-2025-47985 [HIGH] CWE-822 CVE-2025-47985: Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate priv Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

CVE-2025-49740 [HIGH] CWE-693 CVE-2025-49740: Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a secu Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-49733 [HIGH] CWE-416 CVE-2025-49733: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2025-49680 [HIGH] CWE-59 CVE-2025-49680: Improper link resolution before file access ('link following') in Windows Performance Recorder allow Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.

CVE-2025-47987 [HIGH] CWE-122 CVE-2025-47987: Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elev Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

CVE-2025-47986 [HIGH] CWE-416 CVE-2025-47986: Use after free in Universal Print Management Service allows an authorized attacker to elevate privil Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

CVE-2025-48817 [HIGH] CWE-23 CVE-2025-48817: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code ove Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CVE-2025-49723 [HIGH] CWE-862 CVE-2025-49723: Missing authorization in Windows StateRepository API allows an authorized attacker to perform tamper Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.

CVE-2025-49686 [HIGH] CWE-476 CVE-2025-49686: Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges local Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

CVE-2025-49663 [HIGH] CWE-122 CVE-2025-49663: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-49690 [HIGH] CWE-362 CVE-2025-49690: Concurrent execution using shared resource with improper synchronization ('race condition') in Capab Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.

CVE-2025-49691 [HIGH] CWE-122 CVE-2025-49691: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.

CVE-2025-49682 [HIGH] CWE-416 CVE-2025-49682: Use after free in Windows Media allows an authorized attacker to elevate privileges locally. Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2025-49666 [HIGH] CWE-122 CVE-2025-49666: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a ne Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.