Msrc Windows Server 2022 vulnerabilities

CVE-2025-53789 [HIGH] CWE-306 Windows StateRepository API Server file Elevation of Privilege Vulnerability Windows StateRepository API Server file Elevation of Privilege Vulnerability Description: Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker would gain the rights of the user that is running the

CVE-2025-53140 [HIGH] CWE-416 Windows Kernel Transaction Manager Elevation of Privilege Vulnerability Windows Kernel Transaction Manager Elevation of Privilege Vulnerability Description: Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race conditi

CVE-2025-53145 [HIGH] CWE-843 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? To exploit this vulnerability, an authenticated attacker would need to send a specially crafted MSMQ packet to a

CVE-2025-53778 [HIGH] CWE-287 Windows NTLM Elevation of Privilege Vulnerability Windows NTLM Elevation of Privilege Vulnerability Description: Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows NTLM: Windows NTLM Microsoft: Microsoft Customer

CVE-2025-55230 [HIGH] CWE-822 Windows MBT Transport Driver Elevation of Privilege Vulnerability Windows MBT Transport Driver Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows MBT

CVE-2025-50170 [HIGH] CWE-280 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Description: Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited th

CVE-2025-53134 [HIGH] CWE-367 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that

CVE-2025-50155 [HIGH] CWE-843 Windows Push Notifications Apps Elevation of Privilege Vulnerability Windows Push Notifications Apps Elevation of Privilege Vulnerability Description: Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could e

CVE-2025-53143 [HIGH] CWE-843 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? To exploit this vulnerability, an authenticated attacker would need to send a specially crafted MSMQ packet to a

CVE-2025-49762 [HIGH] CWE-362 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vul

CVE-2025-53144 [HIGH] CWE-843 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? To exploit this vulnerability, an authenticated attacker would need to send a specially crafted MSMQ packet to a

CVE-2025-53131 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires a user to open a specially crafted file from the attacker

CVE-2025-50158 [HIGH] CWE-367 Windows NTFS Information Disclosure Vulnerability Windows NTFS Information Disclosure Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What type

CVE-2025-49761 [HIGH] CWE-416 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action

CVE-2025-50177 [HIGH] CWE-416 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Description: Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? To exploit this vulnerability, an attacker would need to send a series of specially crafted MSMQ packets in a rapid sequence over HTTP to a MSMQ server. This

CVE-2025-53132 [HIGH] CWE-362 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. W

CVE-2025-53149 [HIGH] CWE-122 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2025-50163 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none

CVE-2025-50176 [HIGH] CWE-843 DirectX Graphics Kernel Remote Code Execution Vulnerability DirectX Graphics Kernel Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the

CVE-2025-53137 [HIGH] CWE-416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability r