Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by | Tag | CVE ID | CVE Title
AMD | AMD L1 Data Queue | CVE-2025-36357 | AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue
AMD | AMD Store Queue | CVE-2025-36350 | AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
Microsoft | Azure Monitor Agent | CVE-2025-47988 | Azure Monitor Agent Remote Code Execution Vulnerability
Microsoft | Capability Access Management Service (camsvc) | CVE-2025-49690 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Microsoft | HID class driver | CVE-2025-48816 | HID Class Driver Elevation of Privilege Vulnerability
Microsoft | Kernel Streaming WOW Thunk Service Driver | CVE-2025-49675 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
security@php.net | Mariner | CVE-2025-1861 | Unknown
security@php.net | Mariner | CVE-2025-1736 | Unknown
cve_disclosure@tech.gov.sg | Mariner | CVE-2025-1744 | Unknown
security@php.net | Mariner | CVE-2025-1734 | Unknown
Microsoft | Microsoft Brokering File System | CVE-2025-49677 | Microsoft Brokering File System Elevation of Privilege Vulnerability
Microsoft | Microsoft Brokering File System | CVE-2025-49694 | Microsoft Brokering File System Elevation of Privilege Vulnerability
Microsoft | Microsoft Brokering File System | CVE-2025-49693 | Microsoft Brokering File System Elevation of Privilege Vulnerability
Microsoft | Microsoft Configuration Manager | CVE-2025-47178 | Microsoft Configuration Manager Remote Code Execution Vulnerability
Microsoft | Microsoft Edge (Chromium-based) | CVE-2025-49741 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-6554 | Chromium: CVE-2025-6554 Type Confusion in V8
Microsoft | Microsoft Edge (Chromium-based) | CVE-2025-49713 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft | Microsoft Graphics Component | CVE-2025-49732 | Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft | Microsoft Graphics Component | CVE-2025-49742 | Windows Graphics Component Remote Code Execution Vulnerability
Microsoft | Microsoft Graphics Component | CVE-2025-49744 | Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft | Microsoft Input Method Editor (IME) | CVE-2025-49687 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Microsoft | Microsoft Input Method Editor (IME) | CVE-2025-47991 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Microsoft | Microsoft Input Method Editor (IME) | CVE-2025-47972 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Microsoft | Microsoft MPEG-2 Video Extension | CVE-2025-48806 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
Microsoft | Microsoft MPEG-2 Video Extension | CVE-2025-48805 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-47994 | Microsoft Office Elevation of Privilege Vulnerability
Microsoft | Microsoft Office | CVE-2025-49697 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-49695 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-49696 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-49699 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-49702 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-48812 | Microsoft Excel Information Disclosure Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-49711 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office PowerPoint | CVE-2025-49705 | Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft | Microsoft Office SharePoint | CVE-2025-49701 | Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft | Microsoft Office SharePoint | CVE-2025-49704 | Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft | Microsoft Office SharePoint | CVE-2025-49706 | Microsoft SharePoint Server Spoofing Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-49703 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-49698 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-49700 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Microsoft PC Manager | CVE-2025-47993 | Microsoft PC Manager Elevation of Privilege Vulnerability
Microsoft | Microsoft PC Manager | CVE-2025-49738 | Microsoft PC Manager Elevation of Privilege Vulnerability
Microsoft | Microsoft Teams | CVE-2025-49731 | Microsoft Teams Elevation of Privilege Vulnerability
Microsoft | Microsoft Teams | CVE-2025-49737 | Microsoft Teams Elevation of Privilege Vulnerability
Microsoft | Microsoft Windows QoS scheduler | CVE-2025-49730 | Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
Microsoft | Microsoft Windows Search Component | CVE-2025-49685 | Windows Search Service Elevation of Privilege Vulnerability
Microsoft | Office Developer Platform | CVE-2025-49756 | Office Developer Platform Security Feature Bypass Vulnerability
Microsoft | Remote Desktop Client | CVE-2025-48817 | Remote Desktop Client Remote Code Execution Vulnerability
Microsoft | Remote Desktop Client | CVE-2025-33054 | Remote Desktop Spoofing Vulnerability
Microsoft | Role: Windows Hyper-V | CVE-2025-48822 | Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability
Microsoft | Role: Windows Hyper-V | CVE-2025-47999 | Windows Hyper-V Denial of Service Vulnerability
Microsoft | Role: Windows Hyper-V | CVE-2025-48002 | Windows Hyper-V Information Disclosure Vulnerability
Microsoft | Service Fabric | CVE-2025-21195 | Azure Service Fabric Runtime Elevation of Privilege Vulnerability
Microsoft | SQL Server | CVE-2025-49719 | Microsoft SQL Server Information Disclosure Vulnerability
Microsoft | SQL Server | CVE-2025-49718 | Microsoft SQL Server Information Disclosure Vulnerability
Microsoft | SQL Server | CVE-2025-49717 | Microsoft SQL Server Remote Code Execution Vulnerability
Microsoft | Storage Port Driver | CVE-2025-49684 | Windows Storage Port Driver Information Disclosure Vulnerability
Microsoft | Universal Print Management Service | CVE-2025-47986 | Universal Print Management Service Elevation of Privilege Vulnerability
Microsoft | Virtual Hard Disk (VHDX) | CVE-2025-47971 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Microsoft | Virtual Hard Disk (VHDX) | CVE-2025-49689 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Microsoft | Virtual Hard Disk (VHDX) | CVE-2025-49683 | Microsoft Virtual Hard Disk Remote Code Execution Vulnerability
Microsoft | Virtual Hard Disk (VHDX) | CVE-2025-47973 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Microsoft | Visual Studio | CVE-2025-49739 | Visual Studio Elevation of Privilege Vulnerability
MITRE | Visual Studio | CVE-2025-27614 | MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability
MITRE | Visual Studio | CVE-2025-27613 | MITRE: CVE-2025-27613 Gitk Arguments Vulnerability
MITRE | Visual Studio | CVE-2025-46334 | MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability
MITRE | Visual Studio | CVE-2025-46835 | MITRE: CVE-2025-46835 Git File Overwrite Vulnerability
MITRE | Visual Studio | CVE-2025-48384 | MITRE: CVE-2025-48384 Git Symlink Vulnerability
MITRE | Visual Studio | CVE-2025-48386 | MITRE: CVE-2025-48386 Git Credential Helper Vulnerability
MITRE | Visual Studio | CVE-2025-48385 | MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability
Microsoft | Visual Studio Code - Python extension | CVE-2025-49714 | Visual Studio Code Python Extension Remote Code Execution Vulnerability
Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2025-49661 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Microsoft | Windows AppX Deployment Service | CVE-2025-48820 | Windows AppX Deployment Service Elevation of Privilege Vulnerability
Microsoft | Windows BitLocker | CVE-2025-48818 | BitLocker Security Feature Bypass Vulnerability
Microsoft | Windows BitLocker | CVE-2025-48001 | BitLocker Security Feature Bypass Vulnerability
Microsoft | Windows BitLocker | CVE-2025-48804 | BitLocker Security Feature Bypass Vulnerability
Microsoft | Windows BitLocker | CVE-2025-48003 | BitLocker Security Feature Bypass Vulnerability
Microsoft | Windows BitLocker | CVE-2025-48800 | BitLocker Security Feature Bypass Vulnerability
Microsoft | Windows Connected Devices Platform Service | CVE-2025-48000 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Microsoft | Windows Connected Devices Platform Service | CVE-2025-49724 | Windows Connected Devices Platform Service Remote Code Execution Vulnerability
Microsoft | Windows Cred SSProvider Protocol | CVE-2025-47987 | Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
Microsoft | Windows Cryptographic Services | CVE-2025-48823 | Windows Cryptographic Services Information Disclosure Vulnerability
Microsoft | Windows Event Tracing | CVE-2025-47985 | Windows Event Tracing Elevation of Privilege Vulnerability
Microsoft | Windows Event Tracing | CVE-2025-49660 | Windows Event Tracing Elevation of Privilege Vulnerability
Microsoft | Windows Fast FAT Driver | CVE-2025-49721 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
Microsoft | Windows GDI | CVE-2025-47984 | Windows GDI Information Disclosure Vulnerability
Microsoft | Windows Imaging Component | CVE-2025-47980 | Windows Imaging Component Information Disclosure Vulnerability
Microsoft | Windows KDC Proxy Service (KPSSVC) | CVE-2025-49735 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Microsoft | Windows Kerberos | CVE-2025-47978 | Windows Kerberos Denial of Service Vulnerability
Microsoft | Windows Kernel | CVE-2025-49666 | Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability
Microsoft | Windows Kernel | CVE-2025-26636 | Windows Kernel Information Disclosure Vulnerability
Microsoft | Windows Kernel | CVE-2025-48809 | Windows Secure Kernel Mode Information Disclosure Vulnerability
Microsoft | Windows Kernel | CVE-2025-48808 | Windows Kernel Information Disclosure Vulnerability
Microsoft | Windows MBT Transport driver | CVE-2025-47996 | Windows MBT Transport Driver Elevation of Privilege Vulnerability
Microsoft | Windows Media | CVE-2025-49682 | Windows Media Elevation of Privilege Vulnerability
Microsoft | Windows Media | CVE-2025-49691 | Windows Miracast Wireless Display Remote Code Execution Vulnerability
Microsoft | Windows Netlogon | CVE-2025-49716 | Windows Netlogon Denial of Service Vulnerability
Microsoft | Windows Notification | CVE-2025-49726 | Windows Notification Elevation of Privilege Vulnerability
Microsoft | Windows Notification | CVE-2025-49725 | Windows Notification Elevation of Privilege Vulnerability
Microsoft | Windows NTFS | CVE-2025-49678 | NTFS Elevation of Privilege Vulnerability
Microsoft | Windows Performance Recorder | CVE-2025-49680 | Windows Performance Recorder (WPR) Denial of Service Vulnerability
Microsoft | Windows Print Spooler Components | CVE-2025-49722 | Windows Print Spooler Denial of Service Vulnerability
Microsoft | Windows Remote Desktop Licensing Service | CVE-2025-48814 | Remote Desktop Licensing Service Security Feature Bypass Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49688 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49676 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49672 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49670 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49671 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49753 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49729 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49673 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49674 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49669 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49663 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49681 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-49657 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-47998 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-48824 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Secure Kernel Mode | CVE-2025-48810 | Windows Secure Kernel Mode Information Disclosure Vulnerability
Microsoft | Windows Shell | CVE-2025-49679 | Windows Shell Elevation of Privilege Vulnerability
Microsoft | Windows SmartScreen | CVE-2025-49740 | Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft | Windows SMB | CVE-2025-48802 | Windows SMB Server Spoofing Vulnerability
Microsoft | Windows SPNEGO Extended Negotiation | CVE-2025-47981 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
Microsoft | Windows SSDP Service | CVE-2025-47976 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Microsoft | Windows SSDP Service | CVE-2025-47975 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Microsoft | Windows SSDP Service | CVE-2025-48815 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Microsoft | Windows StateRepository API | CVE-2025-49723 | Windows StateRepository API Server file Tampering Vulnerability
Microsoft | Windows Storage | CVE-2025-49760 | Windows Storage Spoofing Vulnerability
Microsoft | Windows Storage VSP Driver | CVE-2025-47982 | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft | Windows TCP/IP | CVE-2025-49686 | Windows TCP/IP Driver Elevation of Privilege Vulnerability
Microsoft | Windows TDX.sys | CVE-2025-49658 | Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability
Microsoft | Windows TDX.sys | CVE-2025-49659 | Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
Microsoft | Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-48821 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Microsoft | Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-48819 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Microsoft | Windows Update Service | CVE-2025-48799 | Windows Update Service Elevation of Privilege Vulnerability
Microsoft | Windows User-Mode Driver Framework Host | CVE-2025-49664 | Windows User-Mode Driver Framework Host Information Disclosure Vulnerability
Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-47159 | Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-48811 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-48803 | Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
Microsoft | Windows Win32K - GRFX | CVE-2025-49727 | Win32k Elevation of Privilege Vulnerability
Microsoft | Windows Win32K - ICOMP | CVE-2025-49733 | Win32k Elevation of Privilege Vulnerability
Microsoft | Windows Win32K - ICOMP | CVE-2025-49667 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Microsoft | Workspace Broker | CVE-2025-49665 | Workspace Broker Elevation of Privilege Vulnerability

CVE-2025-26636 - Windows Kernel Information Disclosure Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-26636

Issuing CNA: Microsoft

CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 08-Jul-25 | Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-26636
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 11 Version 24H2 for ARM64-based Systems | 5062553 (Security Update) | Important | Information Disclosure | 5060842 | Base: 5.5; Temporal: 4.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 | 5062553 (Security Update) | Important | Information Disclosure | 5060842 | Base: 5.5; Temporal: 4.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 (Server Core installation) | 5062553 (Security Update) | Important | Information Disclosure | 5060842 | Base: 5.5; Temporal: 4.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-26636 | Windows Kernel, Virtualization & Security Team


CVE-2025-33054 - Remote Desktop Spoofing Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-33054

Issuing CNA: Microsoft

CVE Title: Remote Desktop Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.1 / Temporal Score: 7.1
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker must trick the user into interacting with a spoofed WebAuthn prompt and entering their credentials.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 08-Jul-25 | Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-33054
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 11 Version 22H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Spoofing | 5060999 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 22H2 for x64-based Systems | 5062552 (Security Update) | Important | Spoofing | 5060999 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Spoofing | 5060999 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5062552 (Security Update) | Important | Spoofing | 5060999 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5062553 (Security Update) | Important | Spoofing | 5060842 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5062553 (Security Update) | Important | Spoofing | 5060842 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 | 5062553 (Security Update) | Important | Spoofing | 5060842 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 (Server Core installation) | 5062553 (Security Update) | Important | Spoofing | 5060842 | Base: 8.1; Temporal: 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-33054 | Philemon Orphee Favrod with Microsoft; Josh Watson with Microsoft; Ray Reskusich with Microsoft; Gus Catalano with Microsoft


CVE-2025-47159 - Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-47159

Issuing CNA: Microsoft

CVE Title: Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 08-Jul-25 | Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47159
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 for 32-bit Systems | 5062561 (Security Update) | Important | Elevation of Privilege | 5060998 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21073 | Yes | None
Windows 10 for x64-based Systems | 5062561 (Security Update) | Important | Elevation of Privilege | 5060998 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21073 | Yes | None
Windows 10 Version 1607 for 32-bit Systems | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 11 Version 22H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 22H2 for x64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2016 | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows Server 2016 (Server Core installation) | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows Server 2019 | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows Server 2019 (Server Core installation) | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows Server 2022 | 5062572 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.3932 | Yes | None
Windows Server 2022 (Server Core installation) | 5062572 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.3932 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5062570 (Security Update) | Important | Elevation of Privilege | 5060118 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1732 | Yes | None
Windows Server 2025 | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 (Server Core installation) | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-47159 | Anonymous


CVE-2025-21195 - Azure Service Fabric Runtime Elevation of Privilege Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-21195

Issuing CNA: Microsoft

CVE Title: Azure Service Fabric Runtime Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.0 / Temporal Score: 5.2
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.


FAQ:

How can I update my Service Fabric Cluster to the latest version?

If you have automatic updates, no action is needed. However, for those who choose to manually update, please refer to "Manage Service Fabric cluster upgrades" for instructions on how to update your Service Fabric Cluster.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) but have major impact on integrity (I:H) and on availability (A:H). What does that mean for this vulnerability?

This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that results in the service being unavailable.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to have access to the location where the target file will be run. They would then need to plant a specific file that would be used as part of the exploitation.


According to the CVSS metric, user interaction is required (UI:R). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an administrator to install the bootstrapping agent on the target device where an attacker has planted specially crafted malicious files.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-21195
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Service Fabric Release Notes (Security Update) Important Elevation of Privilege
Base: 6.0
Temporal: 5.2
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
10.1 Cumulative Update 7.0
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-21195 BochengXiang(@Crispr) with FDU


CVE-2025-47971 - Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47971
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47971
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47971 Donghyeon Oh


JONGHOI KIM


CVE-2025-47972 - Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47972
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious file and convince the user to open it.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited the vulnerability could elevate from a low integrity level up to a medium integrity level.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, successful exploitation of this vulnerability could allow an attacker to perform remote code execution resulting in a Sandbox escape in the imebroker COM (Component Object Model) object.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47972
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47972 Pwnforr777


CVE-2025-47976 - Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47976
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47976
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47976 k0shl with Kunlun Lab


CVE-2025-47984 - Windows GDI Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47984
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows GDI Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47984
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure 5060526
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47984 Gábor Selján with Check Point Research


CVE-2025-47985 - Windows Event Tracing Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47985
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47985
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47985 Chen Le Qi (@cplearns2h4ck) with STAR Labs SG Pte. Ltd.


CVE-2025-47986 - Universal Print Management Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47986
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Universal Print Management Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


How could an attacker exploit this vulnerability?

An authenticated attacker could send a specially crafted file to a shared printer. This could result in arbitrary code execution on the system that is sharing the printer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47986
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47986 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-47987 - Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47987

Issuing CNA: Microsoft

CVE Title: Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Credential Security Support Provider Protocol (CredSSP) allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47987
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47987 Anonymous
Erik Egsgard with Field Effect


CVE-2025-48824 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48824

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48824
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48824 Anonymous


CVE-2025-49657 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49657

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49657
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49657 Anonymous


CVE-2025-49658 - Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49658

Issuing CNA: Microsoft

CVE Title: Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of stack memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49658
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49658 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-49661 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49661
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49661
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49661 Fraunhofer FKIE CA&D; Anonymous


CVE-2025-49670 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49670
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49670
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49670 Anonymous


CVE-2025-49671 - Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49671
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.5 / Temporal Score: 5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49671
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49671 Anonymous


CVE-2025-49672 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49672
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49672
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49672 Anonymous


CVE-2025-49674 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49674

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49674
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49674 Anonymous


CVE-2025-49676 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49676

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49676
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49676 Anonymous




CVE-2025-49677 - Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49677

Issuing CNA: Microsoft

CVE Title: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49677
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49677 ChenJian with Sea Security Orca Team


CVE-2025-49686 - Windows TCP/IP Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49686

Issuing CNA: Microsoft

CVE Title: Windows TCP/IP Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49686
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49686 Marat Gayanov with Positive Technologies


CVE-2025-49687 - Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49687

Issuing CNA: Microsoft

CVE Title: Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level or a High Integrity Level.

Please refer to AppContainer isolation and Mandatory Integrity Control for more information.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49687
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49687 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-49688 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49688
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49688
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49688 Anonymous


CVE-2025-49689 - Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49689
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49689
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49689 Sergey Tarasov with Positive Technologies


CVE-2025-49690 - Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49690
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.4/TemporalScore:6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49690
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49690 R4nger with CyberKunLun & Zhiniang Peng with HUST


Pwnforr777


CVE-2025-49691 - Windows Miracast Wireless Display Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49691
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Miracast Wireless Display Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An unauthenticated attacker could project to a vulnerable system on the same wireless network that was configured to allow "Projecting to this PC" and marked as "Available Everywhere". This is not a default configuration.


According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires a victim user to connect to a malicious Miracast sink, allowing an unauthenticated attacker to initiate remote code execution.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49691
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49691 Marin Duroyon


CVE-2025-49694 - Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49694

Issuing CNA: Microsoft

CVE Title: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49694
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49694 hazard


CVE-2025-47991 - Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47991

Issuing CNA: Microsoft

CVE Title: Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited the vulnerability could elevate from a low integrity level up to a medium integrity level.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, successful exploitation of this vulnerability could allow an attacker to perform remote code execution resulting in a Sandbox escape in the imebroker COM (Component Object Model) object.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47991
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47991 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-47993 - Microsoft PC Manager Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47993

Issuing CNA: Microsoft

CVE Title: Microsoft PC Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47993
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47993 Filip Dragovic (@filip_dragovic) working with Trend Zero Day Initiative



CVE-2025-47994 - Microsoft Office Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47994

Issuing CNA: Microsoft

CVE Title: Microsoft Office Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker can successfully exploit this vulnerability by escaping the Protected View sandbox and running code at Standard User privileges.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, the attack vector is local (AV:L) and privileges are required (PR:L). How could an attacker exploit this security feature bypass vulnerability?

This attack involves a compromised Protected View Sandbox sending crafted messages to its trusted user. This causes the user to execute arbitrary code originating from the sandbox at higher privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47994
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2016 (32-bit edition) 5002742 (Security Update) Important Elevation of Privilege 5002730
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2016 (64-bit edition) 5002742 (Security Update) Important Elevation of Privilege 5002730
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47994 Ben Faull with Microsoft


CVE-2025-36357 - AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-36357

Issuing CNA: AMD

CVE Title: AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue
CVSS:

CVSS:3.1 Highest BaseScore:5.6/TemporalScore:4.9
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.

Please see the following for more information:


FAQ:

Why is this AMD CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.

Please see the following for more information:


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-36357
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Critical Information Disclosure 5060526
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Critical Information Disclosure
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Critical Information Disclosure 5060118
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-36357 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, and Stavros Volos from Microsoft and Flavien Solt from ETH Zurich


CVE-2025-36350 - AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-36350

Issuing CNA: AMD

CVE Title: AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
CVSS:

CVSS:3.1 Highest BaseScore:5.6/TemporalScore:4.9
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.

Please see the following for more information:


FAQ:

Why is this AMD CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.

Please see the following for more information:


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-36350
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Critical Information Disclosure 5060526
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Critical Information Disclosure Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Critical Information Disclosure 5060118
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 5.6
Temporal: 4.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-36350 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, and Stavros Volos from Microsoft and Flavien Solt from ETH Zurich


CVE-2025-48812 - Microsoft Excel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48812
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48812
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002749 (Security Update)
5002734 (Security Update)
Important Information Disclosure 5002735
5002716
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002749 (Security Update)
5002734 (Security Update)
Important Information Disclosure 5002735
5002716
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Information Disclosure None Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Information Disclosure None Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002740 (Security Update) Important Information Disclosure 5002728
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.10417.20027
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48812 Wh1tc with Kunlun Lab & Zhiniang Peng with HUST




CVE-2025-49711 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49711
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49711
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002749 (Security Update) Important Remote Code Execution 5002735
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002749 (Security Update) Important Remote Code Execution 5002735
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002740 (Security Update) Important Remote Code Execution 5002728
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20027
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49711 wh1tc with Kunlun Lab & Zhiniang Peng with HUST


CVE-2025-49716 - Windows Netlogon Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49716
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Netlogon Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.2
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49716
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Denial of Service 5061078
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Denial of Service 5061078
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Denial of Service 5061059
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Denial of Service 5061059
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Denial of Service 5061018
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Denial of Service 5061018
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Denial of Service 5060526
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Denial of Service 5060526
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Denial of Service 5060118
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49716 Or Yair with SafeBreach


Shahak Morag with SafeBreach


CVE-2025-49717 - Microsoft SQL Server Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49717
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SQL Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.5/TemporalScore:7.4
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.


FAQ:

I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

| Update Number | Title | Version | Apply if current product version is… | This security update also includes servicing releases up through… |
|---|---|---|---|---|
| 5058721 | Security update for SQL Server 2022 CU19+GDR | 16.0.4200.1 | 16.0.4003.1 - 16.0.4195.2 | KB 5054531 - SQL2022 RTM CU19 |
| 5058712 | Security update for SQL Server 2022 RTM+GDR | 16.0.1140.6 | 16.0.1000.6 - 16.0.1135.2 | KB 5054833 - SQL2019 RTM CU32 |
| 5058722 | Security update for SQL Server 2019 CU32+GDR | 15.0.4435.7 | 15.0.4003.23 - 15.0.4430.1 | KB 5046365 - SQL2019 RTM CU29 |
| 5058713 | Security update for SQL Server 2019 RTM+GDR | 15.0.2135.5 | 15.0.2000.5 - 15.0.2130.3 | KB 5046859 - Previous SQL2019 RTM GDR |
| 5058714 | Security update for SQL Server 2017 CU31+GDR | 14.0.3495.9 | 14.0.3006.16 - 14.0.3490.10 | KB 5050533 - Previous SQL2017 RTM CU31 GDR |
| 5058716 | Security update for SQL Server 2017 RTM+GDR | 14.0.2075.8 | 14.0.1000.169 - 14.0.2070.1 | KB 5046857 - Previous SQL2017 RTM GDR |
| 5058717 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7055.9 | 13.0.7000.253 - 13.0.7050.2 | KB 5046856 - Previous SQL2016 Azure Connect Feature Pack GDR |
| 5058718 | Security update for SQL Server 2016 SP3 RTM+GDR | 13.0.6460.7 | 13.0.6300.2 - 13.0.6455.2 | KB 5046855 - Previous SQL2016 RTM GDR |

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


How can an attacker exploit this vulnerability?

An authenticated attacker would need to run a specially crafted query against a vulnerable SQL Server.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

Successful exploitation of this vulnerability could allow an attacker to escape the context of the SQL server and execute code on the host.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49717
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2019 for x64-based Systems (CU 32) 5058722 Critical Remote Code Execution 5054833
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4435.7
Maybe None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5058713 Critical Remote Code Execution 5046859
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2135.5
Maybe None
Microsoft SQL Server 2022 for x64-based Systems (CU 19) 5058712 Critical Remote Code Execution 5046861
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1140.6
Maybe None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5058721 Critical Remote Code Execution 5054531
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4200.1
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49717 Anonymous


CVE-2025-27613 - MITRE: CVE-2025-27613 Gitk Arguments Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-27613
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-27613 Gitk Arguments Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-27613 concerns a vulnerability in Gitk: when a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of this line" is affected as well, regardless of whether the option is enabled. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Gitk which address this vulnerability.

Please see CVE-2025-27613 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-27613
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
15.9.75
Maybe None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
16.11.49
Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
17.10.17
Maybe None
Microsoft Visual Studio 2022 version 17.12 Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
17.12.10
Maybe None
Microsoft Visual Studio 2022 version 17.14 Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
17.14.8
Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
17.8.23
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-27613 None

CVE-2025-27614 - MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-27614
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-27614 concerns a vulnerability in Gitk in which a Git repository can be crafted so that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Gitk which address this vulnerability.

Please see CVE-2025-27614 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-27614
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 15.9.75 | Maybe | None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-27614 None

CVE-2025-46334 - MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-46334
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-46334 concerns a vulnerability in Git GUI (Windows only): a malicious repository can ship versions of sh.exe or of typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects "Git Bash" or "Browse Files" from the menu. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in GitK which address this vulnerability.

Please see CVE-2025-46334 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-46334
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 15.9.75 | Maybe | None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-46334 None

CVE-2025-46835 - MITRE: CVE-2025-46835 Git File Overwrite Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-46835
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-46835 Git File Overwrite Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-46835 concerns a vulnerability in Git GUI: when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, Git GUI can create and overwrite any writable file. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in GitK which address this vulnerability.

Please see CVE-2025-46835 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-46835
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 15.9.75 | Maybe | None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-46835 None

CVE-2025-48384 - MITRE: CVE-2025-48384 Git Symlink Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48384
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-48384 Git Symlink Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-48384 concerns a vulnerability in Git. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read, resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Git which address this vulnerability.

Please see CVE-2025-48384 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48384
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 15.9.75 | Maybe | None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48384 None

CVE-2025-48385 - MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48385
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-48385 concerns a vulnerability in Git. When cloning a repository, Git can optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection.

This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution.

MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Git which address this vulnerability. Please see CVE-2025-48385 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48385
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48385 None

CVE-2025-48386 - MITRE: CVE-2025-48386 Git Credential Helper Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48386
MITRE
NVD

Issuing CNA: MITRE

CVE Title: MITRE: CVE-2025-48386 Git Credential Helper Vulnerability
CVSS:
None
Executive Summary:

CVE-2025-48386 concerns a vulnerability in Git: the wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. MITRE created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Git which address this vulnerability.

Please see CVE-2025-48386 for more information.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Unknown; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48386
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 15.9.75 | Maybe | None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 16.11.49 | Maybe | None
Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.10.17 | Maybe | None
Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.12.10 | Maybe | None
Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.14.8 | Maybe | None
Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 17.8.23 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48386 None

CVE-2025-49719 - Microsoft SQL Server Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49719
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SQL Server Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.


FAQ:

I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to confirm whether the application is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Version | Apply if current product version is… | This security update also includes servicing releases up through…
5058721 | Security update for SQL Server 2022 CU19+GDR | 16.0.4200.1 | 16.0.4003.1 - 16.0.4195.2 | KB 5054531 - SQL2022 RTM CU19
5058712 | Security update for SQL Server 2022 RTM+GDR | 16.0.1140.6 | 16.0.1000.6 - 16.0.1135.2 | KB 5054833 - SQL2019 RTM CU32
5058722 | Security update for SQL Server 2019 CU32+GDR | 15.0.4435.7 | 15.0.4003.23 - 15.0.4430.1 | KB 5046365 - SQL2019 RTM CU29
5058713 | Security update for SQL Server 2019 RTM+GDR | 15.0.2135.5 | 15.0.2000.5 - 15.0.2130.3 | KB 5046859 - Previous SQL2019 RTM GDR
5058714 | Security update for SQL Server 2017 CU31+GDR | 14.0.3495.9 | 14.0.3006.16 - 14.0.3490.10 | KB 5050533 - Previous SQL2017 RTM CU31 GDR
5058716 | Security update for SQL Server 2017 RTM+GDR | 14.0.2075.8 | 14.0.1000.169 - 14.0.2070.1 | KB 5046857 - Previous SQL2017 RTM GDR
5058717 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7055.9 | 13.0.7000.253 - 13.0.7050.2 | KB 5046856 - Previous SQL2016 Azure Connect Feature Pack GDR
5058718 | Security update for SQL Server 2016 SP3 RTM+GDR | 13.0.6460.7 | 13.0.6300.2 - 13.0.6455.2 | KB 5046855 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | Yes | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49719
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR) | 5058718 | Important | Information Disclosure | 5046855 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 13.0.6460.7 | Maybe | None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack | 5058717 | Important | Information Disclosure | 5046856 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 13.0.7055.9 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) | 5058714 | Important | Information Disclosure | 5050533 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 14.0.3495.9 | Maybe | None
Microsoft SQL Server 2017 for x64-based Systems (GDR) | 5058716 | Important | Information Disclosure | 5046857 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 14.0.2075.8 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (CU 32) | 5058722 | Important | Information Disclosure | 5054833 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 15.0.4435.7 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5058713 | Important | Information Disclosure | 5046859 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 15.0.2135.5 | Maybe | None
Microsoft SQL Server 2022 for x64-based Systems (CU 19) | 5058712 | Important | Information Disclosure | 5046861 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 16.0.1140.6 | Maybe | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5058721 | Important | Information Disclosure | 5054531 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 16.0.4200.1 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49719 Vladimir Aleksic with Microsoft


CVE-2025-49721 - Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49721
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49721
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 for 32-bit Systems | 5062561 (Security Update) | Important | Elevation of Privilege | 5060998 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21073 | Yes | None
Windows 10 for x64-based Systems | 5062561 (Security Update) | Important | Elevation of Privilege | 5060998 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21073 | Yes | None
Windows 10 Version 1607 for 32-bit Systems | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6093 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5062554 (Security Update) | Important | Elevation of Privilege | 5060533 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6093 | Yes | None
Windows 11 Version 22H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 22H2 for x64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.5624 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5062552 (Security Update) | Important | Elevation of Privilege | 5060999 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.5624 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 | 5062624 (Monthly Rollup); 5062618 (Security Only) | Important | Elevation of Privilege | 5061026 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23418 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5062624 (Monthly Rollup); 5062618 (Security Only) | Important | Elevation of Privilege | 5061026 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23418 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 | 5062624 (Monthly Rollup); 5062618 (Security Only) | Important | Elevation of Privilege | 5061026 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23418 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5062624 (Monthly Rollup); 5062618 (Security Only) | Important | Elevation of Privilege | 5061026 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23418 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5062632 (Monthly Rollup); 5062619 (Security Only) | Important | Elevation of Privilege | 5061078 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.27820 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5062632 (Monthly Rollup); 5062619 (Security Only) | Important | Elevation of Privilege | 5061078 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.27820 | Yes | None
Windows Server 2012 | 5062592 (Monthly Rollup) | Important | Elevation of Privilege | 5061059 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25573 | Yes | None
Windows Server 2012 (Server Core installation) | 5062592 (Monthly Rollup) | Important | Elevation of Privilege | 5061059 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25573 | Yes | None
Windows Server 2012 R2 | 5062597 (Monthly Rollup) | Important | Elevation of Privilege | 5061018 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22676 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5062597 (Monthly Rollup) | Important | Elevation of Privilege | 5061018 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22676 | Yes | None
Windows Server 2016 | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows Server 2016 (Server Core installation) | 5062560 (Security Update) | Important | Elevation of Privilege | 5061010 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8246 | Yes | None
Windows Server 2019 | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows Server 2019 (Server Core installation) | 5062557 (Security Update) | Important | Elevation of Privilege | 5060531 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7558 | Yes | None
Windows Server 2022 | 5062572 (Security Update) | Important | Elevation of Privilege | 5060526 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.3932 | Yes | None
Windows Server 2022 (Server Core installation) | 5062572 (Security Update) | Important | Elevation of Privilege | 5060526 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.3932 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5062570 (Security Update) | Important | Elevation of Privilege | 5060118 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1732 | Yes | None
Windows Server 2025 | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None
Windows Server 2025 (Server Core installation) | 5062553 (Security Update) | Important | Elevation of Privilege | 5060842 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.4652 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49721 JeongOh Kyea with THEORI


Kaligula Armblessed (@KaligulaSec) with STAR Labs SG Pte. Ltd.


CVE-2025-49723 - Windows StateRepository API Server file Tampering Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49723
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows StateRepository API Server file Tampering Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.


FAQ:

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by leveraging a function that lacks proper privilege checks to delete items in a specific table. This allows the attacker to escape the sandbox and delete entries belonging to other users.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49723
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Tampering 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Tampering 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Tampering 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Tampering 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Tampering 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Tampering 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Tampering 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Tampering 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Tampering 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2019 5062557 (Security Update) Important Tampering 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Tampering 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Tampering 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Tampering 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Tampering 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Tampering 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Tampering 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49723 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-49726 - Windows Notification Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49726
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Notification Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49726
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49726 Zhiniang Peng with HUST & R4nger with CyberKunLun


CVE-2025-49731 - Microsoft Teams Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49731
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Teams Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:3.1/TemporalScore:2.7
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49731
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Teams for Android Release Notes (Security Update) Important Elevation of Privilege Base: 3.1
Temporal: 2.7
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
1.0.0.2025112902
Maybe None
Microsoft Teams for Desktop Release Notes (Security Update) Important Elevation of Privilege Base: 3.1
Temporal: 2.7
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
25060212643
Maybe None
Microsoft Teams for iOS Release Notes (Security Update) Important Elevation of Privilege Base: 3.1
Temporal: 2.7
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
7.10.1 (100772025102901)
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49731 Muhammad Alqi Fahrezi


CVE-2025-49735 - Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49735
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.


FAQ:

Are all Windows Servers affected by this vulnerability?

This vulnerability only affects Windows Servers that are configured as a [MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Protocol server. Domain controllers are not affected.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


How could an attacker exploit this vulnerability?

An unauthenticated attacker could use a specially crafted application to leverage a cryptographic protocol vulnerability in Kerberos Key Distribution Center Proxy Service to perform remote code execution against the target.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49735
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2012 5061059 (Monthly Rollup) Critical Remote Code Execution 5058451
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25522
Yes None
Windows Server 2012 (Server Core installation) 5061059 (Monthly Rollup) Critical Remote Code Execution 5058451
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25522
Yes None
Windows Server 2012 R2 5061018 (Monthly Rollup) Critical Remote Code Execution 5058403
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22620
Yes None
Windows Server 2012 R2 (Server Core installation) 5061018 (Monthly Rollup) Critical Remote Code Execution 5058403
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22620
Yes None
Windows Server 2016 5061010 (Security Update) Critical Remote Code Execution 5058383
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8148
Yes None
Windows Server 2016 (Server Core installation) 5061010 (Security Update) Critical Remote Code Execution 5058383
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8148
Yes None
Windows Server 2019 5060998 (Security Update) Critical Remote Code Execution 5058387
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21034
Yes None
Windows Server 2019 (Server Core installation) 5060998 (Security Update) Critical Remote Code Execution 5058387
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21034
Yes None
Windows Server 2022 5060526 (Security Update) Critical Remote Code Execution 5058385
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3807
Yes None
Windows Server 2022 (Server Core installation) 5060526 (Security Update) Critical Remote Code Execution 5058385
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3807
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5060999 (Security Update) Critical Remote Code Execution 5058405
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5472
Yes None
Windows Server 2025 5060842 (Security Update) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.4349
Yes None
Windows Server 2025 (Server Core installation) 5060842 (Security Update) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.4349
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49735 ʌ!ɔ⊥ojv with Kunlun Lab


CVE-2025-47178 - Microsoft Configuration Manager Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47178
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Configuration Manager Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in an SQL command ('SQL injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.


FAQ:

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Successful exploitation of this vulnerability simply requires the attacker or targeted user to leverage a Microsoft Access application to automatically talk to a SQL Server while utilizing a remote SQL Server address that they control.


How could an attacker exploit this vulnerability?

An authenticated attacker can run arbitrary SQL queries as the SMS service (with sysadmin privileges). Since the injection happens during a user permission check, even users with read-only RBAC roles can exploit it. Any local SMS Admins group member on the SMS Provider host can also take advantage of this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47178
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Configuration Manager 2503 KB31909343 Important Remote Code Execution Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
5.00.9135.1003
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47178 Mehdi Elyassa with Synacktiv


CVE-2025-49713 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49713
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires an authenticated client to click a link so that an unauthenticated attacker can initiate remote code execution.


How could an attacker exploit this vulnerability via the Network?

An attacker could host a specially crafted website designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.


What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
138.0.3351.65 7/01/2025 138.0.7204.96/.97

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49713
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
138.0.3351.65
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49713 Nan Wang (@eternalsakura13) and Ziling Chen


CVE-2025-49753 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49753
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49753
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49753 Anonymous


CVE-2025-49756 - Office Developer Platform Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49756

Issuing CNA: Microsoft

CVE Title: Office Developer Platform Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:3.3/TemporalScore:2.9
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker would need to gain elevated privileges enabling them to perform file operations in directories they would not normally be able to access or perform.


According to the CVSS metric, the attack vector is local (AV:L), privileges are required (PR:L) and user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability?

The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.


According to the CVSS metric, Confidentiality and Integrity are rated as Low and Availability is None (C:L, I:L, A:N). What does that mean for this vulnerability?

An attacker is only able to compromise files that they were allowed access to as part of their initial privilege but cannot affect the availability of the browser.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass the Office Visual Basic for Applications (VBA) signature scheme.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49756
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49756 Anonymous with Microsoft


CVE-2025-49760 - Windows Storage Spoofing Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49760

Issuing CNA: Microsoft

CVE Title: Windows Storage Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:3.5/TemporalScore:3.1
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

An authorized attacker with low privileges creates a scheduled task that is set to run when a user logs on and spoofs interfaces that belong to many services so the victim can connect to the attacker's server instead of the original.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Moderate Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49760
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Moderate Spoofing 5060998
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Moderate Spoofing 5060998
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Moderate Spoofing 5061010
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Moderate Spoofing 5061010
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Moderate Spoofing 5060531
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Moderate Spoofing 5060531
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Moderate Spoofing 5060533
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Moderate Spoofing 5060999
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Moderate Spoofing 5060999
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Moderate Spoofing 5060999
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Moderate Spoofing 5060999
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Moderate Spoofing 5060842
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Moderate Spoofing 5060842
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Moderate Spoofing 5061010
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Moderate Spoofing 5061010
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Moderate Spoofing 5060531
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Moderate Spoofing 5060531
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Moderate Spoofing 5060526
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Moderate Spoofing 5060526
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Moderate Spoofing 5060118
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Moderate Spoofing 5060842
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Moderate Spoofing 5060842
Base: 3.5
Temporal: 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49760 Ron Ben Yizhak with SafeBreach


CVE-2025-47973 - Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47973

Issuing CNA: Microsoft

CVE Title: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47973
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47973 Seungjin Oh (@seungjin01) with 78ResearchLab


Donghyeon Oh


JONGHOI KIM




CVE-2025-47975 - Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47975

Issuing CNA: Microsoft

CVE Title: Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47975
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege
5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47975 k0shl with Kunlun Lab


CVE-2025-47978 - Windows Kerberos Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47978
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Kerberos Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47978
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2022 5062572 (Security Update) Important Denial of Service 5060526
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Denial of Service 5060526
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Denial of Service 5060118
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47978 Eliran Partush with Silverfort


Dor Segal with Silverfort




CVE-2025-47980 - Windows Imaging Component Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47980
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Imaging Component Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47980
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Critical Information Disclosure 5060998
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Critical Information Disclosure 5060998
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Critical Information Disclosure 5060533
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Critical Information Disclosure 5060999
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Critical Information Disclosure 5061026
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Critical Information Disclosure 5061026
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Critical Information Disclosure 5061026
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Critical Information Disclosure 5061026
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Critical Information Disclosure 5061078
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Critical Information Disclosure 5061078
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Critical Information Disclosure 5061059
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Critical Information Disclosure 5061059
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Critical Information Disclosure 5061018
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Critical Information Disclosure 5061018
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Critical Information Disclosure 5061010
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Critical Information Disclosure 5060531
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Critical Information Disclosure 5060526
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Critical Information Disclosure
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Critical Information Disclosure 5060118
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Critical Information Disclosure 5060842
Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47980 Mark Riehm


CVE-2025-47981 - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47981
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit the vulnerability?

An attacker could exploit this vulnerability by sending a malicious message to the server, potentially leading to remote code execution.


What is SPNEGO Extended Negotiation?

The SPNEGO Extended Negotiation Security Mechanism (NEGOEX) extends Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) described in [RFC4178]. Please see SPNEGO Overview for more information.


Mitigations:

The following mitigating factors might be helpful in your situation:

This vulnerability affects Windows client machines running Windows 10, version 1607 and above, due to the following GPO being enabled by default on these operating systems: "Network security: Allow PKU2U authentication requests to this computer to use online identities".


Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47981
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Critical Remote Code Execution 5060998
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Critical Remote Code Execution 5060998
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Critical Remote Code Execution 5061078
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Critical Remote Code Execution 5061078
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Critical Remote Code Execution 5061059
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Critical Remote Code Execution 5061059
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Critical Remote Code Execution 5061018
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Critical Remote Code Execution 5061018
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Critical Remote Code Execution
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Critical Remote Code Execution
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Critical Remote Code Execution 5060118
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47981 Yuki Chen


Anonymous


CVE-2025-47982 - Windows Storage VSP Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47982
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47982
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47982 OUYANG FEI


CVE-2025-47996 - Windows MBT Transport Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47996

Issuing CNA: Microsoft

CVE Title: Windows MBT Transport Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index


Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47996 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-47998 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47998

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index


Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47998
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47998 Anonymous


CVE-2025-48000 - Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48000

Issuing CNA: Microsoft

CVE Title: Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to Local Service.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index


Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48000
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48000 Zhang WangJunJie, He YiSheng with Hillstone Networks


CVE-2025-48001 - BitLocker Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48001

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Time-of-check time-of-use (TOCTOU) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Security Feature Bypass

Exploitability Index


Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48001
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48001 Netanel Ben Simon and Alon Leviev with Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2025-48002 - Windows Hyper-V Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48002
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.7/TemporalScore:5.0
Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network.


FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to first gain access to the restricted network before running an attack.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48002
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48002 Anonymous


CVE-2025-48003 - BitLocker Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48003
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48003
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48003 Netanel Ben Simon with Microsoft Offensive Research & Security Engineering (MORSE)


Alon Leviev with Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2025-48799 - Windows Update Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48799
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Update Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could create, modify, or delete files in the security context of the "NT AUTHORITY\SYSTEM" account.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48799
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48799 Filip Dragović


CVE-2025-48800 - BitLocker Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48800
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48800
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48800 Alon Leviev with Microsoft Offensive Research & Security Engineering (MORSE)


Netanel Ben Simon with Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2025-48802 - Windows SMB Server Spoofing Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48802
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows SMB Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48802
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Spoofing 5060999
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Spoofing 5060999
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Spoofing 5060999
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Spoofing 5060999
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows Server 2022 5062572 (Security Update) Important Spoofing 5060526
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Spoofing
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Spoofing 5060118
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48802 Anonymous


CVE-2025-48803 - Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48803
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.7 / Temporal Score: 5.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain Virtual Trust Level 1 (VTL1) privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48803
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48803 None

CVE-2025-48804 - BitLocker Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48804
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.8 / Temporal Score: 5.9
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by loading a WinRE.wim file while the OS volume is unlocked, granting access to BitLocker encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48804
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48804 Netanel Ben Simon with Microsoft Offensive Research & Security Engineering (MORSE)


Alon Leviev with Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2025-48805 - Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48805
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48805
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup), 5062619 (Security Only) Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup), 5062619 (Security Only) Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48805 Anonymous


CVE-2025-48806 - Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48806
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48806
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup), 5062619 (Security Only) Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup), 5062619 (Security Only) Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48806 Anonymous


CVE-2025-48808 - Windows Kernel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48808

Issuing CNA: Microsoft

CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain memory addresses within kernel space. Knowing the exact location of kernel memory could potentially be leveraged by an attacker for other malicious activities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48808
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup), 5062618 (Security Only) Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup), 5062618 (Security Only) Important Information Disclosure 5061026
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup), 5062619 (Security Only) Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup), 5062619 (Security Only) Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure 5060526
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48808 Arjun Vasudeva with MSRC V&M


CVE-2025-48809 - Windows Secure Kernel Mode Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48809

Issuing CNA: Microsoft

CVE Title: Windows Secure Kernel Mode Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48809
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48809 Windows Kernel Virtualization & Security Team


CVE-2025-48810 - Windows Secure Kernel Mode Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48810

Issuing CNA: Microsoft

CVE Title: Windows Secure Kernel Mode Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48810
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48810 Windows Kernel, Virtualization & Silicon Team


CVE-2025-48811 - Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48811

Issuing CNA: Microsoft

CVE Title: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.7 / Temporal Score: 5.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain Virtual Trust Level 1 (VTL1) privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48811
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48811 Praveen with Microsoft Corp.


CVE-2025-48814 - Remote Desktop Licensing Service Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48814

Issuing CNA: Microsoft

CVE Title: Remote Desktop Licensing Service Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.


FAQ:

What security feature is being bypassed?

An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerability could bypass the certificate validation performed when a targeted user connects to a trusted server.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48814
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Security Feature Bypass 5061078
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Security Feature Bypass 5061078
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Security Feature Bypass 5061059
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Security Feature Bypass 5061018
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48814 Philemon Orphee Favrod with Microsoft


Ray Reskusich with Microsoft


Josh Watson with Microsoft


CVE-2025-48815 - Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48815

Issuing CNA: Microsoft

CVE Title: Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48815
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48815 k0shl with Kunlun Lab


CVE-2025-48816 - HID Class Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48816

Issuing CNA: Microsoft

CVE Title: HID Class Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48816
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48816 Anonymous


CVE-2025-48817 - Remote Desktop Client Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48817

Issuing CNA: Microsoft

CVE Title: Remote Desktop Client Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.


How could an attacker exploit this vulnerability?

In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacker's server with the vulnerable Remote Desktop Client.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48817
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Remote Desktop client for Windows Desktop Release Notes Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.2.6353.0
Maybe None
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows App Client for Windows Desktop Release Notes Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.0.559.0
Maybe None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48817 None

CVE-2025-48818 - BitLocker Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48818

Issuing CNA: Microsoft

CVE Title: BitLocker Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Time-of-check time-of-use (TOCTOU) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48818
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48818 Netanel Ben Simon with Microsoft Offensive Research & Security Engineering (MORSE)


Alon Leviev with Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2025-48819 - Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48819

Issuing CNA: Microsoft

CVE Title: Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack Vector: Adjacent
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48819
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48819 k0shl with Kunlun Lab


CVE-2025-48820 - Windows AppX Deployment Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48820

Issuing CNA: Microsoft

CVE Title: Windows AppX Deployment Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An authenticated attacker would be able to delete targeted files on a system which could result in them gaining SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48820
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48820 Simon Zuckerbraun of Trend Zero Day Initiative


CVE-2025-48821 - Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48821
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack Vector: Adjacent
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48821
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48821 k0shl with Kunlun Lab


CVE-2025-48822 - Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48822
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.6/TemporalScore:7.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

A user needs to be tricked into importing an INF file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48822
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Critical Remote Code Execution 5060533
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Critical Remote Code Execution 5060999
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Critical Remote Code Execution 5061010
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Critical Remote Code Execution 5060531
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Critical Remote Code Execution
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Critical Remote Code Execution
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Critical Remote Code Execution 5060118
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Critical Remote Code Execution 5060842
Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48822 Axel Andrejs


CVE-2025-48823 - Windows Cryptographic Services Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-48823
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Cryptographic Services Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.2
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Cryptographic issues in Windows Cryptographic Services allow an unauthorized attacker to disclose information over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

To exploit this vulnerability, an attacker would need to target an application by persisting encrypted secrets that are using specific old cryptography and Windows APIs.


What type of information could be disclosed by this vulnerability?

If the attacker has both the ability to modify the encrypted secret where it is stored and to observe the precise timing for the secret being decrypted by the application, the attacker could infer the original secret across many decryption attempts.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-48823
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.9
Temporal: 5.2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-48823 Anonymous


CVE-2025-49659 - Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49659
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49659
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49659 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-49660 - Windows Event Tracing Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49660

Issuing CNA: Microsoft

CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49660
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49660 Chen Le Qi (@cplearns2h4ck) with STAR Labs SG Pte. Ltd.


CVE-2025-49663 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49663

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49663
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49663 Anonymous


CVE-2025-49664 - Windows User-Mode Driver Framework Host Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49664

Issuing CNA: Microsoft

CVE Title: Windows User-Mode Driver Framework Host Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain memory addresses within kernel space. An attacker could potentially leverage knowledge of the exact location of kernel memory for other malicious activities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49664
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49664 Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat


Jongseong Kim (nevul37) with Ajou University, and working at ENKI WhiteHat


CVE-2025-49665 - Workspace Broker Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49665

Issuing CNA: Microsoft

CVE Title: Workspace Broker Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


Mitigations: None
Workarounds: None
Revision: 1.0, 08-Jul-25. Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49665
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49665 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-49666 - Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49666

Issuing CNA: Microsoft

CVE Title: Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.2 / Temporal Score: 6.3
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker or the targeted user would need to achieve a high level of control over a machine, as the attack requires access to processes typically restricted from average users.

Essentially, the exploitation necessitates elevated privileges on the compromised machine due to the requirement of manipulating processes beyond the reach of standard user permissions.


Mitigations: None
Workarounds: None
Revision: 1.0, 08-Jul-25. Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49666
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49666 Anonymous


CVE-2025-49667 - Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49667

Issuing CNA: Microsoft

CVE Title: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations: None
Workarounds: None
Revision: 1.0, 08-Jul-25. Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49667
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49667 Hussein Alrubaye with Microsoft


CVE-2025-49668 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49668

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations: None
Workarounds: None
Revision: 1.0, 08-Jul-25. Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49668
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49668 Anonymous


CVE-2025-49669 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49669

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations: None
Workarounds: None
Revision: 1.0, 08-Jul-25. Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49669
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49669 Anonymous


CVE-2025-49673 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49673
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49673
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49673 Anonymous


CVE-2025-49675 - Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49675
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49675
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49675 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-49678 - NTFS Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49678
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: NTFS Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49678
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49678 Bruno Botelho


CVE-2025-49679 - Windows Shell Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49679
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Shell Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49679
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49679 YanZiShuang@BigCJTeam of cyberkl


CVE-2025-49680 - Windows Performance Recorder (WPR) Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49680
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Performance Recorder (WPR) Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

Exploitation of this attack requires a local attacker to create arbitrary directories. User interaction is necessary as the attacker relies on an Administrator to run wprui.exe for the first time.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49680
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Denial of Service 5060998
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Denial of Service 5060998
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Denial of Service 5061010
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Denial of Service 5061010
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Denial of Service 5060531
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Denial of Service 5060531
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Denial of Service 5061010
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Denial of Service 5061010
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Denial of Service 5060531
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Denial of Service 5060531
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Denial of Service Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Denial of Service Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Denial of Service 5060118
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Denial of Service 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Denial of Service 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49680 BochengXiang(@Crispr) with FDU


CVE-2025-49681 - Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49681
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49681
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Information Disclosure 5061026
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Information Disclosure 5061078
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Information Disclosure 5061059
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49681 Anonymous


CVE-2025-49682 - Windows Media Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49682
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Media Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Media allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

An authorized attacker with privileges could send controlled inputs to exploit this vulnerability. User interaction is required because the vulnerable function is typically triggered through a diagnostic workflow, such as launching a video troubleshooting tool or initiating a certificate validation process. These actions often involve user-initiated steps like opening a UI or selecting a monitor.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49682
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49682 Hussein Alrubaye with Microsoft


CVE-2025-49683 - Microsoft Virtual Hard Disk Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49683
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Virtual Hard Disk Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?

An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.


Why could an attacker achieve remote code execution on affected versions of Windows Server 2008, but only cause denial of service on systems running Windows Server 2008 R2 or newer versions of Windows?

In Windows 7 and newer, an existing mechanism prevents an attacker from achieving remote code execution. They could only use this vulnerability to cause denial of service.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Low Denial of Service,
Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49683
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Low Denial of Service 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Low Denial of Service 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Low Denial of Service 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Low Denial of Service 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Low Denial of Service 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Low Denial of Service 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Low Denial of Service 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Low Denial of Service 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Low Denial of Service 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Low Denial of Service 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Low Denial of Service 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Low Denial of Service 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Low Denial of Service 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Low Denial of Service 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Low Denial of Service 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Low Denial of Service 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Low Denial of Service 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Low Denial of Service 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Low Denial of Service 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Low Denial of Service 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Low Denial of Service 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Low Denial of Service 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Low Denial of Service 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Low Denial of Service Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Low Denial of Service Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Low Denial of Service 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Low Denial of Service 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Low Denial of Service 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49683 Cherie-Anne Lee (@KaligulaSec) with STAR Labs SG Pte. Ltd.


CVE-2025-49684 - Windows Storage Port Driver Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49684
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Storage Port Driver Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a small amount of kernel memory which could be leaked back to the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49684
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Information Disclosure 5060998
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Information Disclosure 5060533
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Information Disclosure 5060999
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Information Disclosure 5061018
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Information Disclosure 5061010
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Information Disclosure 5060531
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Information Disclosure 5060118
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Information Disclosure 5060842
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49684 zoemurmure with Qingteng


CVE-2025-49685 - Windows Search Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49685
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Search Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.


FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

For an attacker to exploit this vulnerability, they would need to have knowledge of a specific operation that triggers a memory allocation failure, specifically a use after free.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49685
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49685 Anonymous


CVE-2025-49693 - Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49693
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49693
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49693 ChenJian with Sea Security Orca Team


CVE-2025-49695 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49695
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

How could an attacker exploit the vulnerability?

An attacker who successfully exploits this vulnerability could achieve remote code execution without user interaction.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49695
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2016 (32-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2016 (64-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office for Android Release Notes (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.19029.20000
Maybe None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49695 Li Shuang and willJ with Vulnerability Research Institute


CVE-2025-49696 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49696
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.4 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


How could an attacker exploit the vulnerability?

An attacker who successfully exploits this vulnerability could achieve remote code execution without user interaction.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49696
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2016 (32-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2016 (64-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office for Android Release Notes (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.19029.20000
Maybe None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49696 0x140ce


CVE-2025-49697 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49697
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.4 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49697
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2016 (32-bit edition) 5002742 (Security Update), 5002749 (Security Update) Critical Remote Code Execution 5002730, 5002735
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2016 (64-bit edition) 5002742 (Security Update), 5002749 (Security Update) Critical Remote Code Execution 5002730, 5002735
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office for Android Release Notes (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.19029.20000
Maybe None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Critical Remote Code Execution None Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002740 (Security Update) Critical Remote Code Execution 5002728
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20027
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49697 0x140ce


CVE-2025-49698 - Microsoft Word Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49698
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49698
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Critical Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Critical Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Word 2016 (32-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None
Microsoft Word 2016 (64-bit edition) 5002742 (Security Update) Critical Remote Code Execution 5002730
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49698 devoke with HUST


CVE-2025-49699 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49699
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49699
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Outlook 2016 (32-bit edition) 5002747 (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1002
Maybe None
Microsoft Outlook 2016 (64-bit edition) 5002747 (Security Update) Important Remote Code Execution Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1002
Maybe None
Microsoft PowerPoint 2016 (32-bit edition) 5002746 (Security Update) Important Remote Code Execution 5002689
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1000
Maybe None
Microsoft PowerPoint 2016 (64-bit edition) 5002746 (Security Update) Important Remote Code Execution 5002689
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1000
Maybe None
Microsoft Word 2016 (32-bit edition) 5001941 (Security Update), 4464583 (Security Update) Important Remote Code Execution 4462117, 4464538
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1000
Maybe None
Microsoft Word 2016 (64-bit edition) 5001941 (Security Update), 4464583 (Security Update) Important Remote Code Execution 4462117, 4464538
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1000
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49699 Haifei Li with EXPMON


CVE-2025-49700 - Microsoft Word Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49700
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49700
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Word 2016 (64-bit edition) 5002742 (Security Update), 5002655 (Security Update) Important Remote Code Execution 5002730, 5002635
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1001, 16.0.5508.1000
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49700 Haifei Li with EXPMON


CVE-2025-49701 - Microsoft SharePoint Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49701
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N) and the attack complexity is low (AC:L). What does that mean for this vulnerability?

The attack vector is Network (AV:N) because this vulnerability is remotely exploitable and can be exploited from the internet. The attack complexity is Low (AC:L) because an attacker does not require significant prior knowledge of the system and can achieve repeatable success with the payload against the vulnerable component.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


How could an attacker exploit the vulnerability?

In a network-based attack, an attacker authenticated as at least a Site Owner could write arbitrary code to inject and execute code remotely on the SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49701
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002744 (Security Update) Important Remote Code Execution 5002732
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5508.1000
Maybe None
Microsoft SharePoint Server 2019 5002741 (Security Update) Important Remote Code Execution 5002729
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20027
Maybe None
Microsoft SharePoint Server Subscription Edition 5002751 (Security Update) Important Remote Code Execution 5002736
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.18526.20424
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49701 cjm00n with Kunlun Lab & Zhiniang Peng


CVE-2025-49702 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49702
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49702
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2016 (32-bit edition) | 5002742 (Security Update) | Critical | Remote Code Execution | 5002730 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1001 | Maybe | None
Microsoft Office 2016 (64-bit edition) | 5002742 (Security Update) | Critical | Remote Code Execution | 5002730 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1001 | Maybe | None
Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19029.20000 | Maybe | None
Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC for Mac 2021 | | Critical | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None
Microsoft Office LTSC for Mac 2024 | | Critical | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49702 0x140ce


CVE-2025-49703 - Microsoft Word Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49703
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49703
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC for Mac 2021 | | Critical | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None
Microsoft Office LTSC for Mac 2024 | | Critical | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None
Microsoft SharePoint Enterprise Server 2016 | 5002744 (Security Update), 5002743 (Security Update) | Critical | Remote Code Execution | 5002732, 5002731 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None
Microsoft SharePoint Server 2019 | 5002741 (Security Update), 5002739 (Security Update) | Critical | Remote Code Execution | 5002729, 5002727 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20027 | Maybe | None
Microsoft Word 2016 (32-bit edition) | 5002745 (Security Update) | Critical | Remote Code Execution | 5002710 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None
Microsoft Word 2016 (64-bit edition) | 5002745 (Security Update) | Critical | Remote Code Execution | 5002710 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49703 cdbb6164ddfda2b210fd348442322115


CVE-2025-49704 - Microsoft SharePoint Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49704
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N) and the attack complexity is low (AC:L). What does that mean for this vulnerability?

The attack vector is Network (AV:N) because this vulnerability is remotely exploitable and can be exploited from the internet. The attack complexity is Low (AC:L) because an attacker does not require significant prior knowledge of the system and can achieve repeatable success with the payload against the vulnerable component.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


How could an attacker exploit the vulnerability?

In a network-based attack, an attacker authenticated as at least a Site Owner could write arbitrary code to inject and execute code remotely on the SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation More Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49704
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SharePoint Enterprise Server 2016 | 5002744 (Security Update) | Critical | Remote Code Execution | 5002732 | Base: 8.8; Temporal: 7.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None
Microsoft SharePoint Server 2019 | 5002741 (Security Update) | Critical | Remote Code Execution | 5002729 | Base: 8.8; Temporal: 7.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20027 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49704 Anonymous with Trend Zero Day Initiative


CVE-2025-49705 - Microsoft PowerPoint Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49705
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft PowerPoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49705
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None
Microsoft Office LTSC for Mac 2021 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None
Microsoft Office LTSC for Mac 2024 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None
Microsoft PowerPoint 2016 (32-bit edition) | 5002746 (Security Update) | Important | Remote Code Execution | 5002689 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None
Microsoft PowerPoint 2016 (64-bit edition) | 5002746 (Security Update) | Important | Remote Code Execution | 5002689 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49705 Guang Gong, Li Shuang and willJ with Vulnerability Research Institute


CVE-2025-49706 - Microsoft SharePoint Server Spoofing Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49706
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.3/TemporalScore:5.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: Low
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

An authorized attacker with privileges could send controlled inputs to exploit this vulnerability.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and some loss of integrity (I:L) and no loss of availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49706
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SharePoint Enterprise Server 2016 | 5002744 (Security Update) | Important | Spoofing | 5002732 | Base: 6.3; Temporal: 5.5; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C | 16.0.5508.1000 | Maybe | None
Microsoft SharePoint Server 2019 | 5002741 (Security Update) | Important | Spoofing | 5002729 | Base: 6.3; Temporal: 5.5; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C | 16.0.10417.20027 | Maybe | None
Microsoft SharePoint Server Subscription Edition | 5002751 (Security Update) | Important | Spoofing | 5002736 | Base: 6.3; Temporal: 5.5; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C | 16.0.18526.20424 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49706 Viettel Cyber Security with Trend Zero Day Initiative


CVE-2025-49714 - Visual Studio Code Python Extension Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49714
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49714
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Python extension for Visual Studio Code | Release Notes | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 2025.8.1 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49714 Eakasit Tangmunchittham with Secure-D Center


CVE-2025-49718 - Microsoft SQL Server Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49718
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft SQL Server Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.


FAQ:

I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

I am running my own application on my system. What action do I need to take?

Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

I am running an application from a software vendor on my system. What action do I need to take?

Consult your application vendor to find out whether it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the table below, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product in order to apply this and future security updates.

Update Number | Title | Version | Apply if current product version is… | This security update also includes servicing releases up through…
5058721 | Security update for SQL Server 2022 CU19+GDR | 16.0.4200.1 | 16.0.4003.1 - 16.0.4195.2 | KB 5054531 - SQL2022 RTM CU19
5058712 | Security update for SQL Server 2022 RTM+GDR | 16.0.1140.6 | 16.0.1000.6 - 16.0.1135.2 | KB 5054833 - SQL2019 RTM CU32
5058722 | Security update for SQL Server 2019 CU32+GDR | 15.0.4435.7 | 15.0.4003.23 - 15.0.4430.1 | KB 5046365 - SQL2019 RTM CU29
5058713 | Security update for SQL Server 2019 RTM+GDR | 15.0.2135.5 | 15.0.2000.5 - 15.0.2130.3 | KB 5046859 - Previous SQL2019 RTM GDR
5058714 | Security update for SQL Server 2017 CU31+GDR | 14.0.3495.9 | 14.0.3006.16 - 14.0.3490.10 | KB 5050533 - Previous SQL2017 RTM CU31 GDR
5058716 | Security update for SQL Server 2017 RTM+GDR | 14.0.2075.8 | 14.0.1000.169 - 14.0.2070.1 | KB 5046857 - Previous SQL2017 RTM GDR
5058717 | Security update for SQL 2016 Azure Connect Feature Pack | 13.0.7055.9 | 13.0.7000.253 - 13.0.7050.2 | KB 5046856 - Previous SQL2016 Azure Connect Feature Pack GDR
5058718 | Security update for SQL Server 2016 SP3 RTM+GDR | 13.0.6460.7 | 13.0.6300.2 - 13.0.6455.2 | KB 5046855 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively only contain security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation More Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49718
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft SQL Server 2019 for x64-based Systems (CU 32) | 5058722 | Important | Information Disclosure | 5054833 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 15.0.4435.7 | Maybe | None
Microsoft SQL Server 2019 for x64-based Systems (GDR) | 5058713 | Important | Information Disclosure | 5046859 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 15.0.2135.5 | Maybe | None
Microsoft SQL Server 2022 for x64-based Systems (CU 19) | 5058712 | Important | Information Disclosure | 5046861 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 16.0.1140.6 | Maybe | None
Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5058721 | Important | Information Disclosure | 5054531 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 16.0.4200.1 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49718 Ravi Shetye with Microsoft


CVE-2025-49722 - Windows Print Spooler Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49722
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Print Spooler Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.7/TemporalScore:5.0
Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.


FAQ:

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49722
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Denial of Service 5060998
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Denial of Service 5060998
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Denial of Service 5061026
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Denial of Service 5061078
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Denial of Service 5061078
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Denial of Service 5061059
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Denial of Service 5061059
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Denial of Service 5061018
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Denial of Service 5061018
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Denial of Service 5061010
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Denial of Service 5060531
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Denial of Service 5060526
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Denial of Service 5060526
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Denial of Service 5060118
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Denial of Service 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Denial of Service 5060842
Base: 5.7
Temporal: 5.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49722 Or Yair with SafeBreach


Shahak Morag with SafeBreach


CVE-2025-49724 - Windows Connected Devices Platform Service Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49724
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Connected Devices Platform Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit the vulnerability?

To exploit this vulnerability, a remote unauthenticated attacker would need to send specially crafted traffic to a system with the "Nearby Sharing" feature enabled and convince a user to take specific actions.


Mitigations:

The following mitigating factors might be helpful in your situation:

There is a feature in Windows 10 and 11 called Nearby Sharing. This feature is not enabled by default. To protect from this vulnerability, you should disable the Nearby Sharing feature if it is not already disabled.

See Share things with nearby devices in Windows for more information.


Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49724
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49724 Lewis Lee


Chunyang Han


Zhiniang Peng with HUST


CVE-2025-49725 - Windows Notification Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49725
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Notification Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49725
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49725 R4nger with CyberKunLun & Zhiniang Peng with HUST


CVE-2025-49727 - Win32k Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49727
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49727 Marcin Wiazowski with Trend Zero Day Initiative




CVE-2025-49729 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49729

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49729
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49729 Anonymous


CVE-2025-49730 - Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49730

Issuing CNA: Microsoft

CVE Title: Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Time-of-check time-of-use (TOCTOU) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49730
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49730 Fraunhofer FKIE CA&D


CVE-2025-49732 - Windows Graphics Component Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49732

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack vector is local (AV:L). What does this mean for this vulnerability?

The attacker would have to be an authenticated user logged on to the vulnerable system to be able to exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49732
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Elevation of Privilege 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Elevation of Privilege 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Elevation of Privilege 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Elevation of Privilege 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49732 Marcin Wiazowski working with Trend Zero Day Initiative




CVE-2025-49733 - Win32k Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49733

Issuing CNA: Microsoft

CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49733
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49733 Devin Jensen with Microsoft
Benjamin Rodes with Microsoft
George Hughey with Microsoft


CVE-2025-47999 - Windows Hyper-V Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47999

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.


FAQ:

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to first gain access to the restricted network before running an attack.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47999
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Denial of Service 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Denial of Service 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Denial of Service 5060533
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Denial of Service 5060999
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Denial of Service 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Denial of Service 5061010
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Denial of Service 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Denial of Service 5060531
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Denial of Service 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Denial of Service 5060526
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Denial of Service 5060118
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Denial of Service 5060842
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47999 HongZhenhao with TianGong Team of Legendsec at Qi'anxin Group


CVE-2025-49737 - Microsoft Teams Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49737

Issuing CNA: Microsoft

CVE Title: Microsoft Teams Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49737
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Teams for Mac Release Notes (Security Update) Important Elevation of Privilege
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
25163.3001.3726.6503
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49737 Omer Dahan


CVE-2025-49738 - Microsoft PC Manager Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49738

Issuing CNA: Microsoft

CVE Title: Microsoft PC Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49738
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft PC Manager Release Notes (Security Update) Important Elevation of Privilege
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.17.4
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49738 Simon (@sim0nsecurity)


CVE-2025-49739 - Visual Studio Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49739

Issuing CNA: Microsoft

CVE Title: Visual Studio Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49739
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Visual Studio 2015 Update 3 5063035 (Security Update) Important Elevation of Privilege 5045536
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.27564.0
Maybe None
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.9.75
Maybe None
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.11.49
Maybe None
Microsoft Visual Studio 2022 version 17.10 Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.10.17
Maybe None
Microsoft Visual Studio 2022 version 17.12 Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.12.10
Maybe None
Microsoft Visual Studio 2022 version 17.14 Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.14.8
Maybe None
Microsoft Visual Studio 2022 version 17.8 Release Notes (Security Update) Important Elevation of Privilege
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.8.23
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49739 Simon (@sim0nsecurity)


CVE-2025-49740 - Windows SmartScreen Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49740

Issuing CNA: Microsoft

CVE Title: Windows SmartScreen Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited the vulnerability could evade Mark of the Web (MOTW) defenses.


How could an attacker exploit this vulnerability?

To exploit this security feature bypass vulnerability, an attacker would need to convince a user to launch malicious files using a launcher application that requests that no UI be shown.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

A user needs to be tricked into running malicious files.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49740
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Security Feature Bypass 5060998
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Security Feature Bypass 5060533
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Security Feature Bypass 5060999
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Security Feature Bypass 5061010
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Security Feature Bypass 5060531
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Security Feature Bypass 5060526
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Security Feature Bypass 5060118
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Security Feature Bypass 5060842
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49740 Simon Zuckerbraun of Trend Zero Day Initiative
Will Dormann with Vul Labs


CVE-2025-49741 - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49741

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.4/TemporalScore:6.4
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

An issue with no assigned CWE in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.


FAQ:

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
135.0.3179.98 4/25/2025 135.0.7049.114/.115

Mitigations:
None
Workarounds:
None
Revision:
1.0 01-Jul-25 Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49741
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes Important Information Disclosure
Base: 7.4
Temporal: 6.4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
135.0.3179.98
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49741 Jun Kokatsu


CVE-2025-49742 - Windows Graphics Component Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49742

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 08-Jul-25 Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49742
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Remote Code Execution 5060998
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Remote Code Execution 5060533
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Remote Code Execution 5060999
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5062624 (Monthly Rollup)
5062618 (Security Only)
Important Remote Code Execution 5061026
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23418
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5062632 (Monthly Rollup)
5062619 (Security Only)
Important Remote Code Execution 5061078
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.27820
Yes None
Windows Server 2012 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 (Server Core installation) 5062592 (Monthly Rollup) Important Remote Code Execution 5061059
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25573
Yes None
Windows Server 2012 R2 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2012 R2 (Server Core installation) 5062597 (Monthly Rollup) Important Remote Code Execution 5061018
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22676
Yes None
Windows Server 2016 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Remote Code Execution 5061010
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Remote Code Execution 5060531
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Remote Code Execution 5060526
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Remote Code Execution 5060118
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Remote Code Execution 5060842
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49742 Marcin Wiazowski working with Trend Zero Day Initiative


CVE-2025-49744 - Windows Graphics Component Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-49744

Issuing CNA: Microsoft

CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker would need to gain elevated privileges enabling them to perform file operations in directories they would not normally be able to access or perform.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation More Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-49744
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 for x64-based Systems 5062561 (Security Update) Important Elevation of Privilege 5060998
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.21073
Yes None
Windows 10 Version 1607 for 32-bit Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1607 for x64-based Systems 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows 10 Version 1809 for 32-bit Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 1809 for x64-based Systems 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 21H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6093
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 10 Version 22H2 for x64-based Systems 5062554 (Security Update) Important Elevation of Privilege 5060533
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6093
Yes None
Windows 11 Version 22H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 22H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.5624
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 23H2 for x64-based Systems 5062552 (Security Update) Important Elevation of Privilege 5060999
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.5624
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows 11 Version 24H2 for x64-based Systems 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2016 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2016 (Server Core installation) 5062560 (Security Update) Important Elevation of Privilege 5061010
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8246
Yes None
Windows Server 2019 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2019 (Server Core installation) 5062557 (Security Update) Important Elevation of Privilege 5060531
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.7558
Yes None
Windows Server 2022 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022 (Server Core installation) 5062572 (Security Update) Important Elevation of Privilege 5060526
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.3932
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5062570 (Security Update) Important Elevation of Privilege 5060118
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1732
Yes None
Windows Server 2025 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None
Windows Server 2025 (Server Core installation) 5062553 (Security Update) Important Elevation of Privilege 5060842
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.4652
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-49744 None

CVE-2025-6554 - Chromium: CVE-2025-6554 Type Confusion in V8

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-6554

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-6554 Type Confusion in V8
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version | Date Released | Based on Chromium Version
138.0.3351.65 | 7/01/2025 | 138.0.7204.96/.97

Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Jul-25    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-6554
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown
Base: N/A
Temporal: N/A
Vector: N/A
138.0.3351.65
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-6554 None

CVE-2025-47988 - Azure Monitor Agent Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47988

Issuing CNA: Microsoft

CVE Title: Azure Monitor Agent Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack Vector: Adjacent
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.


FAQ:

What actions do customers need to take to protect themselves from this vulnerability?

Customers who have disabled Automatic Extension Upgrades or would like to upgrade an extension immediately must manually update their Azure Monitor Agent to the latest version. For more information on how to perform a manual update, see Manage Azure Monitor Agent.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation depends on the vulnerable troubleshooting script in the Azure monitoring agent on the victim’s machine being executed by the user in an on-premises environment.


According to the CVSS metric, the attack vector is adjacent (AV:A) and privilege required is none (PR:N). What is the target used in the context of the remote code execution?

An attacker within the same network subnet as the victim machine could take advantage of a vulnerability in the troubleshooting script of the Azure monitoring agent extension installed on it and perform remote code execution (RCE). By successfully exploiting this vulnerability, the attacker could run arbitrary code on the victim’s target machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Jul-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47988
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Monitor Agent Release Notes (Security Update) Important Remote Code Execution
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.35.1
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47988 Michal Kamensky with Microsoft


CVE-2025-1736 - Unknown

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-1736

Issuing CNA: security@php.net

CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:7.3
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Apr-25    

Information published.


1.1    02-Jul-25    

Added php to CBL-Mariner 2.0 Added php to Azure Linux 3.0


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-1736
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown
Base: 7.3
Temporal: 7.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
8.3.19-1
Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown
Base: 7.3
Temporal: 7.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
8.3.19-1
Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown
Base: 7.3
Temporal: 7.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
8.1.32-1
Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown
Base: 7.3
Temporal: 7.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
8.1.32-1
Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-1736 None

CVE-2025-1734 - Unknown

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-1734

Issuing CNA: security@php.net

CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Apr-25    

Information published.


2.0    03-Apr-25    

Information published.


2.1    02-Jul-25    

Added php to CBL-Mariner 2.0 Added php to Azure Linux 3.0


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Not Found | Not Found | Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-1734
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown
Base: 5.3
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.3.19-1
Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown
Base: 5.3
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.3.19-1
Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown
Base: 5.3
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.1.32-1
Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown
Base: 5.3
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.1.32-1
Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-1734 None

CVE-2025-1744 - Unknown

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-1744

Issuing CNA: cve_disclosure@tech.gov.sg

CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10-Mar-25    

Information published.


2.0    12-Mar-25    

Information published.


3.0    18-Mar-25    

Information published.


4.0    19-Mar-25    

Information published.


5.0    20-Mar-25    

Information published.


6.0    21-Mar-25    

Information published.


7.0    22-Mar-25    

Information published.


8.0    23-Mar-25    

Information published.


9.0    24-Mar-25    

Information published.


1.0    25-Mar-25    

Information published.


1.1    26-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.2    27-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.3    28-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.4    29-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.5    30-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.6    31-Mar-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.7    01-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.8    03-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


1.9    04-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.0    05-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.1    06-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.2    07-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.3    08-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.4    09-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.5    11-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.6    12-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.7    13-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.8    14-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


2.9    15-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.0    16-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.1    17-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.2    18-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.3    19-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.4    20-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.5    21-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.6    22-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.7    23-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.8    24-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


3.9    25-Apr-25    

Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.0    26-Apr-25    

Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 Added binutils to Azure Linux 3.0


4.1    28-Apr-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.2    29-Apr-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.3    30-Apr-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.4    01-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.5    02-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.6    03-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.7    04-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.8    05-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


4.9    06-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.0    07-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.1    08-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.2    09-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.3    10-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.4    11-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.5    12-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.6    13-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.7    14-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.8    15-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


5.9    16-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.0    17-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.1    18-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.2    19-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.3    20-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.4    21-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.5    22-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.6    23-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.7    24-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.8    25-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


6.9    26-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


7.0    27-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


10.0    28-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


11.0    30-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


12.0    31-May-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


13.0    01-Jun-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


14.0    02-Jun-25    

Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0


14.1    01-Jul-25    

Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 Added crash to CBL-Mariner 2.0 Added binutils to Azure Linux 3.0


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-1744
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM binutils (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.41-5
Unknown None
Azure Linux 3.0 x64 binutils (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.41-5
Unknown None
CBL Mariner 2.0 ARM binutils (CBL-Mariner)
ceph (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
crash (CBL-Mariner)
Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.37-14

16.2.10-7
32.0-5
8.0.1-4
None
CBL Mariner 2.0 x64 binutils (CBL-Mariner)
ceph (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
crash (CBL-Mariner)
Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.37-14

16.2.10-7
32.0-5
8.0.1-4
None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-1744 None

CVE-2025-1861 - Unknown

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-1861
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Apr-25    

Information published.


1.1    02-Jul-25    

Added php to CBL-Mariner 2.0 Added php to Azure Linux 3.0


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-1861
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3.19-1
Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3.19-1
Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1.32-1
Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1.32-1
Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-1861 None