Msrc Windows 11 Version 22H2 vulnerabilities

CVE-2025-55695 [MEDIUM] CWE-125 Windows WLAN AutoConfig Service Information Disclosure Vulnerability Windows WLAN AutoConfig Service Information Disclosure Vulnerability Description: Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read portions of heap memory. Windows WLAN Auto

CVE-2025-55332 [MEDIUM] CWE-841 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-59214 [MEDIUM] CWE-200 Microsoft Windows File Explorer Spoofing Vulnerability Microsoft Windows File Explorer Spoofing Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would need to be tricked into opening a folder that contains a speci

CVE-2025-59209 [MEDIUM] CWE-200 Windows Push Notification Information Disclosure Vulnerability Windows Push Notification Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerab

CVE-2025-59211 [MEDIUM] CWE-200 Windows Push Notification Information Disclosure Vulnerability Windows Push Notification Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read portions of heap m

CVE-2025-58717 [MEDIUM] CWE-125 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Description: Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could po

CVE-2025-55333 [MEDIUM] CWE-1023 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-59198 [MEDIUM] CWE-20 Windows Search Service Denial of Service Vulnerability Windows Search Service Denial of Service Vulnerability Description: Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? The vulnerability can be exploited by a regular user without admin righ

CVE-2025-59197 [MEDIUM] CWE-532 Windows ETL Channel Information Disclosure Vulnerability Windows ETL Channel Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address

CVE-2025-59280 [LOW] CWE-287 Windows SMB Client Tampering Vulnerability Windows SMB Client Tampering Vulnerability Description: Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker must wait for a user to initiate a connection. FAQ: According to the CVSS

CVE-2025-59294 [LOW] CWE-200 Windows Taskbar Live Preview Information Disclosure Vulnerability Windows Taskbar Live Preview Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited thi

CVE-2025-53801 [HIGH] CWE-822 Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM: Windows DWM Microso

CVE-2025-54918 [HIGH] CWE-287 Windows NTLM Elevation of Privilege Vulnerability Windows NTLM Elevation of Privilege Vulnerability Description: Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, the attack vector is net

CVE-2025-54116 [HIGH] CWE-284 Windows MultiPoint Services Elevation of Privilege Vulnerability Windows MultiPoint Services Elevation of Privilege Vulnerability Description: Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would be able to delete any system files. FAQ: According to the CVSS metric, user interaction is r

CVE-2025-55234 [HIGH] CWE-287 Windows SMB Elevation of Privilege Vulnerability Windows SMB Elevation of Privilege Vulnerability Description: SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing SMB Server Extended Protec

CVE-2025-55223 [HIGH] CWE-362 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2025-49734 [HIGH] CWE-923 PowerShell Direct Elevation of Privilege Vulnerability PowerShell Direct Elevation of Privilege Vulnerability Description: Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker, initially a non-admin user on the host, could hijack the PowerShell Direct session

CVE-2025-55236 [HIGH] CWE-367 Graphics Kernel Remote Code Execution Vulnerability Graphics Kernel Remote Code Execution Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of explo

CVE-2025-54916 [HIGH] CWE-121 Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability Description: Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. FAQ: According to the CVSS

CVE-2025-54093 [HIGH] CWE-367 Windows TCP/IP Driver Elevation of Privilege Vulnerability Windows TCP/IP Driver Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to th