Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2025-60720 [HIGH] CWE-126 Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability Description: Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2025-59508 [HIGH] CWE-362 Windows Speech Recognition Elevation of Privilege Vulnerability Windows Speech Recognition Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability

CVE-2025-59507 [HIGH] CWE-362 Windows Speech Runtime Elevation of Privilege Vulnerability Windows Speech Runtime Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability r

CVE-2025-59509 [MEDIUM] CWE-201 Windows Speech Recognition Information Disclosure Vulnerability Windows Speech Recognition Information Disclosure Vulnerability Description: Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is internal memor

CVE-2025-60723 [MEDIUM] CWE-362 DirectX Graphics Kernel Denial of Service Vulnerability DirectX Graphics Kernel Denial of Service Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network. FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful

CVE-2025-60708 [MEDIUM] CWE-822 Storvsp.sys Driver Denial of Service Vulnerability Storvsp.sys Driver Denial of Service Vulnerability Description: Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker c

CVE-2025-59510 [MEDIUM] CWE-59 Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability Description: Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally. Windows Routing and Remote Access Service (RRAS): Windows Routing and Remote Access Service (RRAS) Microsoft: Microsoft

CVE-2025-60706 [MEDIUM] CWE-125 Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability Description: Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Micr

CVE-2025-59513 [MEDIUM] CWE-125 Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability Description: Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), no loss of integrity (I:N), and some loss

CVE-2025-62208 [MEDIUM] CWE-532 Windows License Manager Information Disclosure Vulnerability Windows License Manager Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local me

CVE-2025-62209 [MEDIUM] CWE-532 Windows License Manager Information Disclosure Vulnerability Windows License Manager Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local me

CVE-2025-49708 [CRITICAL] CWE-416 Microsoft Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component Elevation of Privilege Vulnerability Description: Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could a

CVE-2025-59287 [CRITICAL] CWE-502 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Description: Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? A remote, unauthenticated attacker could send a crafted event that triggers unsafe object deserialization in a legacy s

CVE-2025-48004 [HIGH] CWE-416 Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Elevation of Privilege Vulnerability Description: Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condit

CVE-2025-55697 [HIGH] CWE-122 Azure Local Elevation of Privilege Vulnerability Azure Local Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Azure Local: Azure Local Microsoft: Microsoft Customer Action Re

CVE-2025-55339 [HIGH] CWE-125 Windows Network Driver Interface Specification (NDIS) Driver Elevation of Privilege Vulnerability Windows Network Driver Interface Specification (NDIS) Driver Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could

CVE-2025-55687 [HIGH] CWE-362 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerabil

CVE-2025-59193 [HIGH] CWE-362 Windows Management Services Elevation of Privilege Vulnerability Windows Management Services Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation

CVE-2025-55680 [HIGH] CWE-367 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? A domain user could use this vulnerability to elevat

CVE-2025-55681 [HIGH] CWE-125 Desktop Window Manager Elevation of Privilege Vulnerability Desktop Window Manager Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to manipulate system operations in a specific manner. F