Msrc Windows Server 2025 vulnerabilities

CVE-2025-59189 [HIGH] CWE-416 Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Elevation of Privilege Vulnerability Description: Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to have a deep under

CVE-2025-59260 [MEDIUM] CWE-200 Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure

CVE-2025-55338 [MEDIUM] CWE-1310 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system storage dev

CVE-2025-59204 [MEDIUM] CWE-908 Windows Management Services Information Disclosure Vulnerability Windows Management Services Information Disclosure Vulnerability Description: Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memor

CVE-2025-2884 [MEDIUM] CWE-125 Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation Description: CVE-2025-2884 is regarding a vulnerability in TCG TPM2.0 Reference implementation's CryptHmacSign helper function that is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. CERT/CC created this CV

CVE-2025-55699 [MEDIUM] CWE-200 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of ker

CVE-2025-55682 [MEDIUM] CWE-841 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-55679 [MEDIUM] CWE-20 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reli

CVE-2025-55325 [MEDIUM] CWE-126 Windows Storage Management Provider Information Disclosure Vulnerability Windows Storage Management Provider Information Disclosure Vulnerability Description: Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Win

CVE-2025-47979 [MEDIUM] CWE-532 Microsoft Failover Cluster Information Disclosure Vulnerability Microsoft Failover Cluster Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker that successfully exploited this vulnerability could recover any data that is put in the system logs

CVE-2025-59244 [MEDIUM] CWE-73 NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability Description: External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user interacting with the file in multiple ways will cause the NTLM hash to be leaked. A few interactions which trigger

CVE-2025-48813 [MEDIUM] CWE-324 Virtual Secure Mode Spoofing Vulnerability Virtual Secure Mode Spoofing Vulnerability Description: Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliabilit

CVE-2025-59257 [MEDIUM] CWE-1287 Windows Local Session Manager (LSM) Denial of Service Vulnerability Windows Local Session Manager (LSM) Denial of Service Vulnerability Description: Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. Windows Local Session Manager (LSM): Windows Local Session Manager (LSM) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status

CVE-2025-58719 [MEDIUM] CWE-416 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Description: Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability require

CVE-2025-55336 [MEDIUM] CWE-200 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certa

CVE-2025-59185 [MEDIUM] CWE-73 NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability Description: External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user interacting with the file in multiple ways will cause the NTLM hash to be leaked. A few interactions which trigger

CVE-2025-55683 [MEDIUM] CWE-200 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of ker

CVE-2025-55330 [MEDIUM] CWE-841 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-59203 [MEDIUM] CWE-532 Windows State Repository API Server File Information Disclosure Vulnerability Windows State Repository API Server File Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploi

CVE-2025-55332 [MEDIUM] CWE-841 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st