Msrc Windows Server 2025 vulnerabilities

CVE-2025-49753 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none

CVE-2025-49666 [HIGH] CWE-122 Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? To successfully exploit this vulnerability, an attacker or the targ

CVE-2025-47993 [HIGH] CWE-284 Microsoft PC Manager Elevation of Privilege Vulnerability Microsoft PC Manager Elevation of Privilege Vulnerability Description: Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft PC Manager: Microsoft PC Manager

CVE-2025-49724 [HIGH] CWE-416 Windows Connected Devices Platform Service Remote Code Execution Vulnerability Windows Connected Devices Platform Service Remote Code Execution Vulnerability Description: Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, a remote unauthenticated attacker would need to send specially crafted traffic to a sy

CVE-2025-49665 [HIGH] CWE-362 Workspace Broker Elevation of Privilege Vulnerability Workspace Broker Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially

CVE-2025-48799 [HIGH] CWE-59 Windows Update Service Elevation of Privilege Vulnerability Windows Update Service Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delet

CVE-2025-47159 [HIGH] CWE-693 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Description: Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulne

CVE-2025-49723 [HIGH] CWE-862 Windows StateRepository API Server file Tampering Vulnerability Windows StateRepository API Server file Tampering Vulnerability Description: Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally. FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege A

CVE-2025-49735 [HIGH] CWE-416 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Description: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. FAQ: Are all Windows Servers affected by this vulnerability? This vulnerability only affects Windows Servers that are configured as a [MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Proto

CVE-2025-49682 [HIGH] CWE-416 Windows Media Elevation of Privilege Vulnerability Windows Media Elevation of Privilege Vulnerability Description: Use after free in Windows Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, user interaction is required (UI:R) a

CVE-2025-47972 [HIGH] CWE-362 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerabilit

CVE-2025-48820 [HIGH] CWE-59 Windows AppX Deployment Service Elevation of Privilege Vulnerability Windows AppX Deployment Service Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An authenticated attacker would be able to delete targeted f

CVE-2025-48814 [HIGH] CWE-306 Remote Desktop Licensing Service Security Feature Bypass Vulnerability Remote Desktop Licensing Service Security Feature Bypass Vulnerability Description: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network. FAQ: What security feature is being bypassed? An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerabilit

CVE-2025-49690 [HIGH] CWE-362 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does th

CVE-2025-49674 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none

CVE-2025-49726 [HIGH] CWE-416 Windows Notification Elevation of Privilege Vulnerability Windows Notification Elevation of Privilege Vulnerability Description: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-

CVE-2025-49660 [HIGH] CWE-416 Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Description: Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Event Tracing: Windows Event Tracing Mi

CVE-2025-48822 [HIGH] CWE-125 Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability Description: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? An exploited vulnerability can affect resources b

CVE-2025-49693 [HIGH] CWE-415 Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Elevation of Privilege Vulnerability Description: Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Brokering F

CVE-2025-49729 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request