Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2025-59505 [HIGH] CWE-415 Windows Smart Card Reader Elevation of Privilege Vulnerability Windows Smart Card Reader Elevation of Privilege Vulnerability Description: Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Smart Card: Windows Smart Card Micros

CVE-2025-59514 [HIGH] CWE-269 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Description: Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mic

CVE-2025-60713 [HIGH] CWE-822 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited th

CVE-2025-62217 [HIGH] CWE-362 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that

CVE-2025-60716 [HIGH] CWE-416 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could b

CVE-2025-59515 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race

CVE-2025-60709 [HIGH] CWE-125 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privilege

CVE-2025-59512 [HIGH] CWE-284 Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability Description: Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerabi

CVE-2025-60705 [HIGH] CWE-284 Windows Client-Side Caching Elevation of Privilege Vulnerability Windows Client-Side Caching Elevation of Privilege Vulnerability Description: Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. W

CVE-2025-62452 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (P

CVE-2025-60715 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are low (PR

CVE-2025-60704 [HIGH] CWE-325 Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability Description: Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. FAQ: How could an attacker exploit this vulnerability? When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk. In one such scenario for this vulnerability, the attacker could convinc

CVE-2025-60719 [HIGH] CWE-822 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this

CVE-2025-62215 [HIGH] CWE-362 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attac

CVE-2025-59506 [HIGH] CWE-362 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2025-62213 [HIGH] CWE-416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability r

CVE-2025-59511 [HIGH] CWE-73 Windows WLAN Service Elevation of Privilege Vulnerability Windows WLAN Service Elevation of Privilege Vulnerability Description: External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. Windows WLAN

CVE-2025-60717 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privil

CVE-2025-60714 [HIGH] CWE-122 Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Ar

CVE-2025-60703 [HIGH] CWE-822 Windows Remote Desktop Services Elevation of Privilege Vulnerability Windows Remote Desktop Services Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Remo