Msrc Windows Server 2019 vulnerabilities

CVE-2025-48804 [MEDIUM] CWE-349 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on

CVE-2025-48818 [MEDIUM] CWE-367 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the sys

CVE-2025-48800 [MEDIUM] CWE-693 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. A

CVE-2025-48823 [MEDIUM] CWE-310 Windows Cryptographic Services Information Disclosure Vulnerability Windows Cryptographic Services Information Disclosure Vulnerability Description: Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability To exploit this vulnerability, an attacker would need to target an applica

CVE-2025-47999 [MEDIUM] CWE-820 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Description: Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted netw

CVE-2025-48003 [MEDIUM] CWE-693 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. A

CVE-2025-49722 [MEDIUM] CWE-400 Windows Print Spooler Denial of Service Vulnerability Windows Print Spooler Denial of Service Vulnerability Description: Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network. FAQ: According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability? This attack is limited to systems connected to the same network segment as the attacker

CVE-2025-47980 [MEDIUM] CWE-200 Windows Imaging Component Information Disclosure Vulnerability Windows Imaging Component Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of hea

CVE-2025-48811 [MEDIUM] CWE-353 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Description: Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successf

CVE-2024-36357 [MEDIUM] AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue Description: The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please

CVE-2025-49760 [LOW] CWE-73 Windows Storage Spoofing Vulnerability Windows Storage Spoofing Vulnerability Description: External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability? An authorized attacker with low privileges creates a scheduled task that is set to run when a user log

CVE-2025-32714 [HIGH] CWE-284 Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Installer: Windows Installer Microsoft: Mi

CVE-2025-32718 [HIGH] CWE-190 Windows SMB Client Elevation of Privilege Vulnerability Windows SMB Client Elevation of Privilege Vulnerability Description: Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows SMB: Windows SMB Microsoft: Microsoft

CVE-2025-33071 [HIGH] CWE-416 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Description: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could use a specially crafted application to leverage a cryptographic protocol vulnerability in Kerberos Key Dist

CVE-2025-33050 [HIGH] CWE-693 DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability Description: Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. Windows DHCP Server: Windows DHCP Server Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: h

CVE-2025-33067 [HIGH] CWE-269 Windows Task Scheduler Elevation of Privilege Vulnerability Windows Task Scheduler Elevation of Privilege Vulnerability Description: Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit t

CVE-2025-33066 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context

CVE-2025-32713 [HIGH] CWE-122 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM p

CVE-2025-33070 [HIGH] CWE-908 Windows Netlogon Elevation of Privilege Vulnerability Windows Netlogon Elevation of Privilege Vulnerability Description: Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploit

CVE-2025-33073 [HIGH] CWE-284 Windows SMB Client Elevation of Privilege Vulnerability Windows SMB Client Elevation of Privilege Vulnerability Description: Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit this vulnerab