Msrc Windows 11 Version 23H2 vulnerabilities

CVE-2025-49686 [HIGH] CWE-476 Windows TCP/IP Driver Elevation of Privilege Vulnerability Windows TCP/IP Driver Elevation of Privilege Vulnerability Description: Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows TCP/IP: Windows TCP/IP Microsoft: Mi

CVE-2025-47987 [HIGH] CWE-122 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vu

CVE-2025-49724 [HIGH] CWE-416 Windows Connected Devices Platform Service Remote Code Execution Vulnerability Windows Connected Devices Platform Service Remote Code Execution Vulnerability Description: Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, a remote unauthenticated attacker would need to send specially crafted traffic to a sy

CVE-2025-49665 [HIGH] CWE-362 Workspace Broker Elevation of Privilege Vulnerability Workspace Broker Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially

CVE-2025-48816 [HIGH] CWE-190 HID Class Driver Elevation of Privilege Vulnerability HID Class Driver Elevation of Privilege Vulnerability Description: Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. HID class driver: HID class dri

CVE-2025-49679 [HIGH] CWE-197 Windows Shell Elevation of Privilege Vulnerability Windows Shell Elevation of Privilege Vulnerability Description: Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Shell: Windows Shell Microsoft: Microsoft Customer A

CVE-2025-49667 [HIGH] CWE-415 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Description: Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32K - ICOMP: Windows

CVE-2025-47159 [HIGH] CWE-693 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Description: Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulne

CVE-2025-47984 [HIGH] CWE-693 Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. Windows GDI: Windows GDI Microsoft:

CVE-2025-49742 [HIGH] CWE-190 Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Description: Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. Th

CVE-2025-49723 [HIGH] CWE-862 Windows StateRepository API Server file Tampering Vulnerability Windows StateRepository API Server file Tampering Vulnerability Description: Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally. FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege A

CVE-2025-47996 [HIGH] CWE-191 Windows MBT Transport Driver Elevation of Privilege Vulnerability Windows MBT Transport Driver Elevation of Privilege Vulnerability Description: Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Win

CVE-2025-48817 [HIGH] CWE-23 Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability Description: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to co

CVE-2025-49721 [HIGH] CWE-122 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability? An attacker can trick a local user o

CVE-2025-49661 [HIGH] CWE-822 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulner

CVE-2025-48821 [HIGH] CWE-416 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Description: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful expl

CVE-2025-49689 [HIGH] CWE-190 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Description: Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability? An attacker can trick a local user on a vulnera

CVE-2025-47972 [HIGH] CWE-362 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerabilit

CVE-2025-48820 [HIGH] CWE-59 Windows AppX Deployment Service Elevation of Privilege Vulnerability Windows AppX Deployment Service Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An authenticated attacker would be able to delete targeted f

CVE-2025-48814 [HIGH] CWE-306 Remote Desktop Licensing Service Security Feature Bypass Vulnerability Remote Desktop Licensing Service Security Feature Bypass Vulnerability Description: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network. FAQ: What security feature is being bypassed? An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerabilit