Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by | Tag | CVE ID | CVE Title
Microsoft | Application Information Services | CVE-2025-62572 | Application Information Service Elevation of Privilege Vulnerability
Microsoft | Azure Monitor Agent | CVE-2025-62550 | Azure Monitor Agent Remote Code Execution Vulnerability
Microsoft | Copilot | CVE-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability
Linux | Mariner | CVE-2025-40217 | pidfs: validate extensible ioctls
Go | Mariner | CVE-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509
GitHub_M | Mariner | CVE-2025-66293 | LIBPNG has an out-of-bounds read in png_image_read_composite
Linux | Mariner | CVE-2025-40301 | Bluetooth: hci_event: validate skb length for unknown CC opcode
Linux | Mariner | CVE-2025-40314 | usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget
Linux | Mariner | CVE-2025-40303 | btrfs: ensure no dirty metadata is written back for an fs with errors
Linux | Mariner | CVE-2025-40297 | net: bridge: fix use-after-free due to MST port state bypass
Linux | Mariner | CVE-2025-40220 | fuse: fix livelock in synchronous file put from fuseblk workers
Linux | Mariner | CVE-2025-40244 | hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Linux | Mariner | CVE-2025-40259 | scsi: sg: Do not sleep in atomic context
Linux | Mariner | CVE-2025-40243 | hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Linux | Mariner | CVE-2025-40248 | vsock: Ignore signal/timeout on connect() if already established
Linux | Mariner | CVE-2025-40257 | mptcp: fix a race in mptcp_pm_del_add_timer()
VulnCheck | Mariner | CVE-2025-34297 | KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc
Linux | Mariner | CVE-2025-40219 | PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
Linux | Mariner | CVE-2025-40261 | nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
TQtC | Mariner | CVE-2025-12385 | Improper validation of tag size in Text component parser
Linux | Mariner | CVE-2025-40307 | exfat: validate cluster allocation bits of the allocation bitmap
Linux | Mariner | CVE-2025-40264 | be2net: pass wrb_params in case of OS2BMC
Linux | Mariner | CVE-2025-40223 | most: usb: Fix use-after-free in hdm_disconnect
Linux | Mariner | CVE-2025-40247 | drm/msm: Fix pgtable prealloc error path
Linux | Mariner | CVE-2025-40233 | ocfs2: clear extent cache after moving/defragmenting extents
Linux | Mariner | CVE-2025-40252 | net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
Linux | Mariner | CVE-2025-40245 | nios2: ensure that memblock.current_limit is set when setting pfn limits
Linux | Mariner | CVE-2025-40240 | sctp: avoid NULL dereference when chunk data buffer is missing
Linux | Mariner | CVE-2025-40254 | net: openvswitch: remove never-working support for setting nsh fields
Linux | Mariner | CVE-2025-40258 | mptcp: fix race condition in mptcp_schedule_work()
Linux | Mariner | CVE-2025-40287 | exfat: fix improper check of dentry.stream.valid_size
Linux | Mariner | CVE-2025-40277 | drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Linux | Mariner | CVE-2025-40285 | smb/server: fix possible refcount leak in smb2_sess_setup()
Linux | Mariner | CVE-2025-40275 | ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
apache | Mariner | CVE-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
Linux | Mariner | CVE-2025-40251 | devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
Linux | Mariner | CVE-2025-40250 | net/mlx5: Clean up only new IRQ glue on request_irq() failure
apache | Mariner | CVE-2025-65082 | Apache HTTP Server: CGI environment variable override
mitre | Mariner | CVE-2025-65637 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Linux | Mariner | CVE-2025-40253 | s390/ctcm: Fix double-kfree
Linux | Mariner | CVE-2025-40306 | orangefs: fix xattr related buffer overflow...
Linux | Mariner | CVE-2025-40292 | virtio-net: fix received length check in big packets
Linux | Mariner | CVE-2025-40312 | jfs: Verify inode mode when loading from disk
Linux | Mariner | CVE-2025-40319 | bpf: Sync pending IRQ work before freeing ring buffer
Linux | Mariner | CVE-2025-40293 | iommufd: Don't overflow during division for dirty tracking
Linux | Mariner | CVE-2025-40308 | Bluetooth: bcsp: receive data only if registered
Linux | Mariner | CVE-2023-53749 | x86: fix clear_user_rep_good() exception handling annotation
Linux | Mariner | CVE-2025-40305 | 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
Linux | Mariner | CVE-2025-40309 | Bluetooth: SCO: Fix UAF on sco_conn_free
Linux | Mariner | CVE-2025-40315 | usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
Linux | Mariner | CVE-2025-40323 | fbcon: Set fb_display[i]->mode to NULL when the mode is released
Linux | Mariner | CVE-2025-40310 | amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
Linux | Mariner | CVE-2025-40322 | fbdev: bitblit: bound-check glyph index in bit_putcs*
Linux | Mariner | CVE-2025-40311 | accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
Linux | Mariner | CVE-2025-40294 | Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
Linux | Mariner | CVE-2025-40321 | wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
Linux | Mariner | CVE-2025-40317 | regmap: slimbus: fix bus_context pointer in regmap init calls
Linux | Mariner | CVE-2025-40313 | ntfs3: pretend $Extend records as regular files
Linux | Mariner | CVE-2025-40304 | fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
Linux | Mariner | CVE-2025-40280 | tipc: Fix use-after-free in tipc_mon_reinit_self().
Linux | Mariner | CVE-2025-40273 | NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Linux | Mariner | CVE-2025-40269 | ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Linux | Mariner | CVE-2025-40281 | sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
apache | Mariner | CVE-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Linux | Mariner | CVE-2025-40263 | Input: cros_ec_keyb - fix an invalid memory access
Linux | Mariner | CVE-2025-40266 | KVM: arm64: Check the untrusted offset in FF-A memory share
PSF | Mariner | CVE-2025-12084 | Quadratic complexity in node ID cache clearing
Go | Mariner | CVE-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Linux | Mariner | CVE-2025-40289 | drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM
Linux | Mariner | CVE-2025-40286 | smb/server: fix possible memory leak in smb2_read()
Linux | Mariner | CVE-2025-40283 | Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Linux | Mariner | CVE-2025-40282 | Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Linux | Mariner | CVE-2025-40279 | net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Linux | Mariner | CVE-2025-40284 | Bluetooth: MGMT: cancel mesh send timer when hdev removed
Linux | Mariner | CVE-2025-40268 | cifs: client: fix memory leak in smb3_fs_context_parse_param
Linux | Mariner | CVE-2025-40278 | net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak
Linux | Mariner | CVE-2025-40288 | drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Linux | Mariner | CVE-2025-40272 | mm/secretmem: fix use-after-free race in fault handler
PSF | Mariner | CVE-2025-13836 | Excessive read buffering DoS in http.client
PSF | Mariner | CVE-2025-13837 | Out-of-memory when loading Plist
Linux | Mariner | CVE-2025-40262 | Input: imx_sc_key - fix memory corruption on unload
PostgreSQL | Mariner | CVE-2025-12819 | Untrusted search path in auth_query connection in PgBouncer
GitHub_M | Mariner | CVE-2025-66476 | Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Linux | Mariner | CVE-2025-40324 | NFSD: Fix crash in nfsd4_read_release()
Linux | Mariner | CVE-2025-40242 | gfs2: Fix unlikely race in gdlm_put_lock
Linux | Mariner | CVE-2025-40215 | xfrm: delete x->tunnel as we delete x
Linux | Mariner | CVE-2025-40218 | mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
Microsoft | Microsoft Brokering File System | CVE-2025-62569 | Microsoft Brokering File System Elevation of Privilege Vulnerability
Microsoft | Microsoft Brokering File System | CVE-2025-62469 | Microsoft Brokering File System Elevation of Privilege Vulnerability
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13634 | Chromium: CVE-2025-13634 Inappropriate implementation in Downloads
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13721 | Chromium: CVE-2025-13721 Race in v8
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13630 | Chromium: CVE-2025-13630 Type Confusion in V8
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13631 | Chromium: CVE-2025-13631 Inappropriate implementation in Google Updater
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13632 | Chromium: CVE-2025-13632 Inappropriate implementation in DevTools
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13633 | Chromium: CVE-2025-13633 Use after free in Digital Credentials
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13638 | Chromium: CVE-2025-13638 Use after free in Media Stream
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13639 | Chromium: CVE-2025-13639 Inappropriate implementation in WebRTC
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13640 | Chromium: CVE-2025-13640 Inappropriate implementation in Passwords
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13637 | Chromium: CVE-2025-13637 Inappropriate implementation in Downloads
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13720 | Chromium: CVE-2025-13720 Bad cast in Loader
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13635 | Chromium: CVE-2025-13635 Inappropriate implementation in Downloads
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-13636 | Chromium: CVE-2025-13636 Inappropriate implementation in Split View
Microsoft | Microsoft Edge for iOS | CVE-2025-62223 | Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability
Microsoft | Microsoft Exchange Server | CVE-2025-64666 | Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft | Microsoft Exchange Server | CVE-2025-64667 | Microsoft Exchange Server Spoofing Vulnerability
Microsoft | Microsoft Graphics Component | CVE-2025-64670 | Windows DirectX Information Disclosure Vulnerability
Microsoft | Microsoft Office | CVE-2025-62554 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-62557 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office Access | CVE-2025-62552 | Microsoft Access Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62560 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62563 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62561 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62564 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62553 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62556 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Outlook | CVE-2025-62562 | Microsoft Outlook Remote Code Execution Vulnerability
Microsoft | Microsoft Office SharePoint | CVE-2025-64672 | Microsoft SharePoint Server Spoofing Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-62558 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-62559 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-62555 | Microsoft Word Remote Code Execution Vulnerability
Microsoft | Storvsp.sys Driver | CVE-2025-64673 | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft | Windows Camera Frame Server Monitor | CVE-2025-62570 | Windows Camera Frame Server Monitor Information Disclosure Vulnerability
Microsoft | Windows Client-Side Caching (CSC) Service | CVE-2025-62466 | Windows Client-Side Caching Elevation of Privilege Vulnerability
Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2025-62457 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2025-62454 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2025-62221 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft | Windows Common Log File System Driver | CVE-2025-62470 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft | Windows Defender Firewall Service | CVE-2025-62468 | Windows Defender Firewall Service Information Disclosure Vulnerability
Microsoft | Windows DirectX | CVE-2025-62463 | DirectX Graphics Kernel Denial of Service Vulnerability
Microsoft | Windows DirectX | CVE-2025-62465 | DirectX Graphics Kernel Denial of Service Vulnerability
Microsoft | Windows DirectX | CVE-2025-62573 | DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft | Windows DWM Core Library | CVE-2025-64679 | Windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft | Windows DWM Core Library | CVE-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft | Windows Hyper-V | CVE-2025-62567 | Windows Hyper-V Denial of Service Vulnerability
Microsoft | Windows Installer | CVE-2025-62571 | Windows Installer Elevation of Privilege Vulnerability
Microsoft | Windows Message Queuing | CVE-2025-62455 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Microsoft | Windows PowerShell | CVE-2025-54100 | PowerShell Remote Code Execution Vulnerability
Microsoft | Windows Projected File System | CVE-2025-62464 | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft | Windows Projected File System | CVE-2025-55233 | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft | Windows Projected File System | CVE-2025-62462 | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft | Windows Projected File System | CVE-2025-62467 | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft | Windows Projected File System Filter Driver | CVE-2025-62461 | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft | Windows Remote Access Connection Manager | CVE-2025-62474 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Microsoft | Windows Remote Access Connection Manager | CVE-2025-62472 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Microsoft | Windows Resilient File System (ReFS) | CVE-2025-62456 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-62549 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-62473 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-64678 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Shell | CVE-2025-62565 | Windows File Explorer Elevation of Privilege Vulnerability
Microsoft | Windows Shell | CVE-2025-64661 | Windows Shell Elevation of Privilege Vulnerability
Microsoft | Windows Shell | CVE-2025-64658 | Windows File Explorer Elevation of Privilege Vulnerability
Microsoft | Windows Storage VSP Driver | CVE-2025-59517 | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft | Windows Storage VSP Driver | CVE-2025-59516 | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft | Windows Win32K - GRFX | CVE-2025-62458 | Win32k Elevation of Privilege Vulnerability

CVE-2025-62223 - Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability

CVE ID: CVE-2025-62223 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 4.3 / Temporal Score: 3.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

User interface (UI) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L). What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


What is the version information for this release?

Microsoft Edge Version | Date Released | Based on Chromium Version
143.0.3650.66 | 12/04/2025 | 143.0.7499.40/.41

Mitigations: None
Workarounds: None
Revision:
Version | Date | Description
1.0 | 04-Dec-25 | Information published.


Maximum Severity Rating: Low
Vulnerability Impact: Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62223
CVSS Score Set (all rows): Base: 4.3, Temporal: 3.8, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Product | KB Article | Severity | Impact | Supercedence | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Low | Spoofing | | 143.0.3650.66 | No | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62223 | Syarif Muhammad Sajjad


CVE-2025-62454 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62454 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations: None
Workarounds: None
Revision:
Version | Date | Description
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation More Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62454
CVSS Score Set (all rows): Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Product | KB Article | Severity | Impact | Supercedence | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62454 | haowei yan (jingdong dawnslab)


CVE-2025-62456 - Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE ID: CVE-2025-62456 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An authenticated attacker with access to a shared folder on a system using a Resilient File System (ReFS) volume could exploit this vulnerability by running a specially crafted operation against the folder.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


Mitigations: None
Workarounds: None
Revision:
Version | Date | Description
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62456
CVSS Score Set (all rows): Base: 8.8, Temporal: 7.7, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Product | KB Article | Severity | Impact | Supercedence | Fixed Build | Restart Required | Known Issue
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Remote Code Execution | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Remote Code Execution | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Remote Code Execution | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Remote Code Execution | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Remote Code Execution | 5068779 | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Remote Code Execution | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62456 | Thunder_J


CVE-2025-62457 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62457 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations: None
Workarounds: None
Revision:
Version | Date | Description
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62457
CVSS Score Set (all rows): Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Product | KB Article | Severity | Impact | Supercedence | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26100.7462
10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26100.7462
10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462

10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462

10.0.26200.7392
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26100.7462
10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26100.7462
10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62457 haowei yan(jingdong dawnslab)


CVE-2025-62458 - Win32k Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62458
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62458
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62458 Marcin Wiazowski working with Trend Zero Day Initiative


CVE-2025-62466 - Windows Client-Side Caching Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62466
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Client-Side Caching Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62466
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62466 Ezrak1e


CVE-2025-62469 - Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62469
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62469
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62469 hazard


CVE-2025-62470 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62470
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62470
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 (5072033); 10.0.26200.7392 (5072014)
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787; 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787; 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62470 haowei yan (jingdong dawnslab); 0rb1t


CVE-2025-62472 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62472 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62472
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 (5072033); 10.0.26200.7392 (5072014)
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 (5072033); 10.0.26200.7392 (5072014)
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787; 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787; 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861; 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
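As an added example (not a Microsoft tool, and not code from this page), the following Python maps an installed Windows build to the fixed builds listed in the CVE-2025-62472 table above and reports whether the host carries the fix. The same fixed builds are listed for CVE-2025-62473 and CVE-2025-62549 further down, so one table serves all three. The build numbers are copied from the page; the assumption that a host at or above the lower (Security Hotpatch) UBR of its branch is fixed, the branch-to-product comments, the constructed sample build strings and the registry helper are mine.

```python
import platform

# Fixed builds copied from the CVE-2025-62472 affected-software table above,
# keyed by build branch (major.minor.build). The 32-bit, x64, ARM64 and Server
# Core editions of a branch share one fixed build, so one entry per branch is
# enough. Branches with two entries list the standard Security Update build
# first and the Security Hotpatch Update build second.
FIXED_BUILDS_CVE_2025_62472 = {
    "6.0.6003":   ("6.0.6003.23666",),                     # Windows Server 2008 SP2
    "6.1.7601":   ("6.1.7601.28064",),                     # Windows Server 2008 R2 SP1
    "6.2.9200":   ("6.2.9200.25815",),                     # Windows Server 2012
    "6.3.9600":   ("6.3.9600.22920",),                     # Windows Server 2012 R2
    "10.0.14393": ("10.0.14393.8688",),                    # Windows 10 1607 / Server 2016
    "10.0.17763": ("10.0.17763.8146",),                    # Windows 10 1809 / Server 2019
    "10.0.19044": ("10.0.19044.6691",),                    # Windows 10 21H2
    "10.0.19045": ("10.0.19045.6691",),                    # Windows 10 22H2
    "10.0.20348": ("10.0.20348.4529", "10.0.20348.4467"),  # Windows Server 2022
    "10.0.22631": ("10.0.22631.6345",),                    # Windows 11 23H2
    "10.0.25398": ("10.0.25398.2025",),                    # Windows Server 2022, 23H2 Edition
    "10.0.26100": ("10.0.26100.7462", "10.0.26100.7392"),  # Windows 11 24H2 / Server 2025
    "10.0.26200": ("10.0.26200.7462", "10.0.26200.7392"),  # Windows 11 25H2
}


def parse_build(build):
    """Split 'major.minor.build.ubr' into a tuple of ints; reject anything else."""
    parts = tuple(int(p) for p in build.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"expected major.minor.build.ubr, got {build!r}")
    return parts


def assess(installed, table=FIXED_BUILDS_CVE_2025_62472):
    """Classify an installed build as 'fixed', 'vulnerable' or 'unknown'.

    Assumption (mine, not stated on the page): within one branch the Security
    Hotpatch build carries the lower UBR, so a host at or above the lowest listed
    UBR for its branch has the fix whichever servicing channel it is on.
    """
    major, minor, build, ubr = parse_build(installed)
    branch = f"{major}.{minor}.{build}"
    if branch not in table:
        return "unknown", f"branch {branch} is not listed in the affected-software table"
    fixed_ubrs = sorted(parse_build(b)[3] for b in table[branch])
    if ubr >= fixed_ubrs[0]:
        return "fixed", f"{installed} is at or above fixed UBR {fixed_ubrs[0]} for {branch}"
    return "vulnerable", f"{installed} is below fixed build(s) {', '.join(table[branch])}"


def installed_build_from_registry():
    """Read the running build from the registry (Windows 10 / Server 2016 and later).

    The 6.x branches in the table predate the UBR registry value and are not handled.
    """
    import winreg  # importable on Windows only

    key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
                         r"SOFTWARE\Microsoft\Windows NT\CurrentVersion")
    try:
        major = winreg.QueryValueEx(key, "CurrentMajorVersionNumber")[0]
        minor = winreg.QueryValueEx(key, "CurrentMinorVersionNumber")[0]
        build = winreg.QueryValueEx(key, "CurrentBuildNumber")[0]
        ubr = winreg.QueryValueEx(key, "UBR")[0]
    finally:
        winreg.CloseKey(key)
    return f"{major}.{minor}.{build}.{ubr}"


if __name__ == "__main__":
    # Constructed sample inputs; on a Windows host the live build is checked first.
    samples = ["10.0.26100.7462", "10.0.26100.7392", "10.0.26100.7171",
               "10.0.19045.6690", "10.0.22000.3000"]
    if platform.system() == "Windows":
        samples.insert(0, installed_build_from_registry())
    for sample in samples:
        status, detail = assess(sample)
        print(f"{status:10s} {detail}")
```

Hotpatch-enrolled hosts report the lower hotpatch UBR (for example 10.0.26100.7392) rather than the Security Update build, which is why the comparison is against the lowest fixed UBR of the branch rather than the highest; a host on the standard channel that is still at a November build (for example 10.0.26100.7171) is reported vulnerable.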

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62472 anonymous


CVE-2025-62473 - Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

CVE ID: CVE-2025-62473 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 6.5 / Temporal Score: 5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation requires an unauthenticated attacker to set up a malicious server in advance and then wait for a user to initiate a connection to it; the attacker cannot force that connection, which is why the vector carries UI:R.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62473
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Information Disclosure 5068864
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Information Disclosure 5068864
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Information Disclosure 5068791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Information Disclosure 5068791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Information Disclosure 5068781
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Information Disclosure 5068865
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Information Disclosure 5068865
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26200.7462 (5072033); 10.0.26200.7392 (5072014)
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26200.7462 (5072033); 10.0.26200.7392 (5072014)
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Information Disclosure 5068906
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Information Disclosure 5068906
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Information Disclosure 5068906
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Information Disclosure 5068906
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Information Disclosure 5068904
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Information Disclosure 5068904
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Information Disclosure 5068907
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Information Disclosure 5068907
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Information Disclosure 5068905
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Information Disclosure 5068905
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Information Disclosure 5068864
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Information Disclosure 5068864
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Information Disclosure 5068791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Information Disclosure 5068791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Information Disclosure 5068787; 5068840
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Information Disclosure 5068787; 5068840
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.4529 (5071547); 10.0.20348.4467 (5071413)
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Information Disclosure 5068779
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861; 5068966
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62473 Anonymous


CVE-2025-62549 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID: CVE-2025-62549 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation requires an unauthenticated attacker to set up a malicious server in advance and then wait for a user to initiate a connection to it; the attacker cannot force that connection, which is why the vector carries UI:R.


How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server under the attacker's control. The server then returns crafted data that triggers the untrusted pointer dereference and could result in arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62549
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Remote Code Execution 5068864
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Remote Code Execution 5068864
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Remote Code Execution 5068791
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Remote Code Execution 5068791
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Remote Code Execution 5068781
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Remote Code Execution 5068865
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Remote Code Execution 5068865
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 (5072033); 10.0.26100.7392 (5072014)
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462; 10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462; 10.0.26200.7392
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup); 5071507 (Security Only) Important Remote Code Execution 5068906
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup); 5071507 (Security Only) Important Remote Code Execution 5068906
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup); 5071507 (Security Only) Important Remote Code Execution 5068906
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup); 5071507 (Security Only) Important Remote Code Execution 5068906
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup); 5071506 (Security Only) Important Remote Code Execution 5068904
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup); 5071506 (Security Only) Important Remote Code Execution 5068904
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Remote Code Execution 5068907
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Remote Code Execution 5068907
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Remote Code Execution 5068905
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Remote Code Execution 5068905
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Remote Code Execution 5068864
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Remote Code Execution 5068864
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Remote Code Execution 5068791
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Remote Code Execution 5068791
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Remote Code Execution 5068787; 5068840
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529; 10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update); 5071413 (Security Hotpatch Update) Important Remote Code Execution 5068787; 5068840
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529; 10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Remote Code Execution 5068779
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462; 10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update); 5072014 (Security Hotpatch Update) Important Remote Code Execution 5068861; 5068966
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462; 10.0.26100.7392
Yes None
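A check an administrator can run against the fixed builds in the Windows table above, added here as an example; it is not part of the Microsoft advisory. It reads the host's build number and update build revision (UBR) from the registry and compares them with the fixed build listed for that Windows release; for releases that also ship a Security Hotpatch Update, it accepts the hotpatch baseline build when the hotpatch KB is installed. The build-to-product mapping and all KB and build numbers are copied from the table. Two things the page does not state and this script assumes: that the UBR registry value reflects the installed cumulative update, and that Get-HotFix lists hotpatch KBs. Releases older than Windows 10 / Server 2016 have no UBR value and are not handled.

```powershell
# Added example, not part of the Microsoft advisory. Fixed builds per Windows build
# number, copied from the Affected Software table above. 'Lcu' is the UBR of the
# Security Update build; 'Hotpatch' is the UBR of the Security Hotpatch Update build.
$Fixed = @{
    14393 = @{ Product = 'Windows Server 2016';                           Lcu = 8688 }
    17763 = @{ Product = 'Windows Server 2019';                           Lcu = 8146 }
    19044 = @{ Product = 'Windows 10 Version 21H2';                       Lcu = 6691 }
    19045 = @{ Product = 'Windows 10 Version 22H2';                       Lcu = 6691 }
    22631 = @{ Product = 'Windows 11 Version 23H2';                       Lcu = 6345 }
    25398 = @{ Product = 'Windows Server 2022, 23H2 Edition';             Lcu = 2025 }
    20348 = @{ Product = 'Windows Server 2022';                           Lcu = 4529; Hotpatch = 4467; HotpatchKb = 'KB5071413' }
    26100 = @{ Product = 'Windows 11 Version 24H2 / Windows Server 2025'; Lcu = 7462; Hotpatch = 7392; HotpatchKb = 'KB5072014' }
    26200 = @{ Product = 'Windows 11 Version 25H2';                       Lcu = 7462; Hotpatch = 7392; HotpatchKb = 'KB5072014' }
}

function Test-FixedBuild {
    param(
        [Parameter(Mandatory)] [int] $Build,        # e.g. 26100 (CurrentBuildNumber)
        [Parameter(Mandatory)] [int] $Ubr,          # e.g. 7462  (UBR)
        [string[]] $InstalledKbs = @()              # HotFixID values, e.g. 'KB5072014'
    )
    $entry = $Fixed[$Build]
    if (-not $entry) {
        return [pscustomobject]@{ Product = "build $Build"; Status = 'NotListed'
                                   Detail = 'no row for this build in the table' }
    }
    # Full cumulative update: the UBR reaches the Security Update fixed build.
    if ($Ubr -ge $entry.Lcu) {
        return [pscustomobject]@{ Product = $entry.Product; Status = 'Patched'
                                   Detail = "UBR $Ubr >= fixed build .$($entry.Lcu)" }
    }
    # Hotpatch-enrolled devices stay on the hotpatch baseline build and receive the
    # fix through the Security Hotpatch Update KB. Assumption: Get-HotFix lists it.
    if ($entry.Hotpatch -and $Ubr -ge $entry.Hotpatch -and ($InstalledKbs -contains $entry.HotpatchKb)) {
        return [pscustomobject]@{ Product = $entry.Product; Status = 'Patched'
                                   Detail = "hotpatch baseline .$Ubr with $($entry.HotpatchKb) installed" }
    }
    [pscustomobject]@{ Product = $entry.Product; Status = 'Vulnerable'
                       Detail = "UBR $Ubr below fixed build .$($entry.Lcu)" }
}

# Read the running host's build, UBR and installed KBs, then evaluate.
$ver   = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int]$ver.CurrentBuildNumber
$ubr   = [int]$ver.UBR
$kbs   = Get-HotFix | Select-Object -ExpandProperty HotFixID
Test-FixedBuild -Build $build -Ubr $ubr -InstalledKbs $kbs | Format-List
```

The function is separated from the registry read so the same table can be applied to inventory exported from other hosts (build, UBR and KB list per machine) without running the script on each one. A host reporting the hotpatch baseline build without the hotpatch KB is reported as vulnerable, which is the conservative reading of the two fixed builds the table gives for those releases.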

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62549 Anonymous


CVE-2025-62561 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62561 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. They will be released as soon as possible; when they are available, customers will be notified via a revision to this CVE information.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations: None
Workarounds: None
Revision: 1.0 (09-Dec-25) Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62561
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002820 (Security Update); 5002818 (Security Update) Important Remote Code Execution 5002811; 5002810
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002820 (Security Update); 5002818 (Security Update) Important Remote Code Execution 5002811; 5002810
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002817 (Security Update) Important Remote Code Execution 5002801
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62561 wh1tc in Kunlun lab & devoke & Zhiniang Peng with HUST


CVE-2025-62562 - Microsoft Outlook Remote Code Execution Vulnerability

CVE ID: CVE-2025-62562 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious email and convince them to reply to it.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. They will be released as soon as possible; when they are available, customers will be notified via a revision to this CVE information.


Mitigations: None
Workarounds: None
Revision: 1.0 (09-Dec-25) Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62562
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft SharePoint Enterprise Server 2016 5002821 (Security Update); 5002804 (Security Update) Critical Remote Code Execution 5002805; 5002787
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft SharePoint Server 2019 5002816 (Security Update); 5002802 (Security Update) Important Remote Code Execution 5002803; 5002798
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None
Microsoft Word 2016 (32-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Word 2016 (64-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62562 Haifei Li with EXPMON


CVE-2025-62563 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62563 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. They will be released as soon as possible; when they are available, customers will be notified via a revision to this CVE information.


Mitigations: None
Workarounds: None
Revision: 1.0 (09-Dec-25) Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62563
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002820 (Security Update); 5002818 (Security Update) Important Remote Code Execution 5002811; 5002810
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002820 (Security Update); 5002818 (Security Update) Important Remote Code Execution 5002811; 5002810
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002817 (Security Update) Important Remote Code Execution 5002801
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62563 f4 & Zhiniang Peng with HUST


CVE-2025-62564 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62564 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. They will be released as soon as possible; when they are available, customers will be notified via a revision to this CVE information.


Mitigations: None
Workarounds: None
Revision: 1.0 (09-Dec-25) Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62564
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002820 (Security Update) Important Remote Code Execution 5002811
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002820 (Security Update) Important Remote Code Execution 5002811
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002817 (Security Update) Important Remote Code Execution 5002801
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62564 wh1tc in Kunlun lab & devoke & Zhiniang Peng with HUST


CVE-2025-62571 - Windows Installer Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62571 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations: None
Workarounds: None
Revision: 1.0 (09-Dec-25) Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62571
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62571 JaGoTu with DCIT, a.s.


CVE-2025-62572 - Application Information Service Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62572 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Application Information Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

Successful exploitation of this vulnerability results in a privilege escalation from Medium to NT AUTHORITY\SYSTEM.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62572
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62572 Pwnforr777


CVE-2025-62573 - DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62573 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62573
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2016 | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None
Windows Server 2016 (Server Core installation) | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62573 cyanbamboo and b2ahex


CVE-2025-64658 - Windows File Explorer Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64658 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows File Explorer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

For an attacker to exploit this vulnerability, they would need to have knowledge of a specific operation that triggers a memory allocation failure, specifically a use after free.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious file and convince the user to open it.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64658
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64658 Taeω02; Anonymous


CVE-2025-64667 - Microsoft Exchange Server Spoofing Vulnerability

CVE ID: CVE-2025-64667 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.3 / Temporal Score: 4.6
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

User interface (UI) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), some loss of integrity (I:L) but have no effect on availability (A:N). What is the impact of this vulnerability?

An attacker could spoof an incorrect 5322.From email address that is displayed to a user.


Why are update links missing for some Exchange products?

For Exchange Server 2016 and 2019, update links are not provided because these versions are out of support and security updates are only available through the Extended Security Update (ESU) program.

Customers enrolled in ESU can access the December 2025 and future updates, while those not enrolled should migrate to Exchange Server Subscription Edition (SE) to continue receiving security updates. If you have purchased ESU and need assistance accessing updates, contact Microsoft at ExchangeandSfBServerESUInquiry@service.microsoft.com.

For more details, see the official blog post.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64667
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 | 5071873 (Security Update) | Important | Spoofing |  | Base: 5.3; Temporal: 4.6; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C | 15.01.2507.063 | Yes | None
Microsoft Exchange Server 2019 Cumulative Update 14 | 5071874 (Security Update) | Important | Spoofing |  | Base: 5.3; Temporal: 4.6; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C | 15.02.1544.037 | Yes | None
Microsoft Exchange Server 2019 Cumulative Update 15 | 5071875 (Security Update) | Important | Spoofing |  | Base: 5.3; Temporal: 4.6; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C | 15.02.1748.042 | Yes | None
Microsoft Exchange Server Subscription Edition RTM | 5071876 (Security Update) | Important | Spoofing |  | Base: 5.3; Temporal: 4.6; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C | 15.02.2562.035 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64667 Tushar Maroo with Microsoft


CVE-2025-64666 - Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64666 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.


Why are update links missing for some Exchange products?

For Exchange Server 2016 and 2019, update links are not provided because these versions are out of support and security updates are only available through the Extended Security Update (ESU) program.

Customers enrolled in ESU can access the December 2025 and future updates, while those not enrolled should migrate to Exchange Server Subscription Edition (SE) to continue receiving security updates. If you have purchased ESU and need assistance accessing updates, contact Microsoft at ExchangeandSfBServerESUInquiry@service.microsoft.com.

For more details, see the official blog post.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64666
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 | 5071873 (Security Update) | Important | Elevation of Privilege | | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.01.2507.063 | Yes | None
Microsoft Exchange Server 2019 Cumulative Update 14 | 5071874 (Security Update) | Important | Elevation of Privilege | | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.02.1544.037 | Yes | None
Microsoft Exchange Server 2019 Cumulative Update 15 | 5071875 (Security Update) | Important | Elevation of Privilege | | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.02.1748.042 | Yes | None
Microsoft Exchange Server Subscription Edition RTM | 5071876 (Security Update) | Important | Elevation of Privilege | | Base: 7.5; Temporal: 6.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 15.02.2562.035 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64666 National Security Agency


CVE-2025-64670 - Windows DirectX Information Disclosure Vulnerability

CVE ID: CVE-2025-64670 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows DirectX Information Disclosure Vulnerability
CVSS: 3.1, highest base score 6.5 / temporal score 5.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain memory addresses within kernel space. Knowing the exact location of kernel memory could potentially be leveraged by an attacker for other malicious activities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64670
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Information Disclosure | 5068781 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Information Disclosure | 5068865 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Information Disclosure | 5068865 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Information Disclosure | 5068787; 5068840 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Information Disclosure | 5068787; 5068840 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Information Disclosure | 5068779 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | Base: 6.5; Temporal: 5.7; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64670 cyanbamboo and b2ahex


CVE-2025-64673 - Windows Storage VSP Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64673 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVSS: 3.1, highest base score 7.8 / temporal score 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64673
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64673 None

CVE-2025-13640 - Chromium: CVE-2025-13640 Inappropriate implementation in Passwords

CVE ID: CVE-2025-13640 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13640 Inappropriate implementation in Passwords
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13640
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13640 None

CVE-2025-13639 - Chromium: CVE-2025-13639 Inappropriate implementation in WebRTC

CVE ID: CVE-2025-13639 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13639 Inappropriate implementation in WebRTC
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13639
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13639 None

CVE-2025-13638 - Chromium: CVE-2025-13638 Use after free in Media Stream

CVE ID: CVE-2025-13638 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13638 Use after free in Media Stream
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13638
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13638 None

CVE-2025-13637 - Chromium: CVE-2025-13637 Inappropriate implementation in Downloads

CVE ID: CVE-2025-13637 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13637 Inappropriate implementation in Downloads
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13637
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13637 None

CVE-2025-13636 - Chromium: CVE-2025-13636 Inappropriate implementation in Split View

CVE ID: CVE-2025-13636 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13636 Inappropriate implementation in Split View
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13636
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13636 None

CVE-2025-13635 - Chromium: CVE-2025-13635 Inappropriate implementation in Downloads

CVE ID: CVE-2025-13635 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13635 Inappropriate implementation in Downloads
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13635
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13635 None

CVE-2025-13720 - Chromium: CVE-2025-13720 Bad cast in Loader

CVE ID: CVE-2025-13720 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13720 Bad cast in Loader
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13720
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13720 None

CVE-2025-13721 - Chromium: CVE-2025-13721 Race in v8

CVE ID: CVE-2025-13721 (references: MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13721 Race in v8
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
143.0.3650.66 12/04/2025 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13721
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A; Temporal: N/A; Vector: N/A | 143.0.3650.66 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13721 None

CVE-2025-13634 - Chromium: CVE-2025-13634 Inappropriate implementation in Downloads

CVE ID: CVE-2025-13634 (MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13634 Inappropriate implementation in Downloads
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version: 143.0.3650.66
Date Released: 12/04/2025
Based on Chromium Version: 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13634
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
143.0.3650.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13634 None

CVE-2025-13633 - Chromium: CVE-2025-13633 Use after free in Digital Credentials

CVE ID: CVE-2025-13633 (MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13633 Use after free in Digital Credentials
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version: 143.0.3650.66
Date Released: 12/04/2025
Based on Chromium Version: 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13633
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
143.0.3650.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13633 None

CVE-2025-13632 - Chromium: CVE-2025-13632 Inappropriate implementation in DevTools

CVE ID: CVE-2025-13632 (MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13632 Inappropriate implementation in DevTools
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version: 143.0.3650.66
Date Released: 12/04/2025
Based on Chromium Version: 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13632
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
143.0.3650.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13632 None

CVE-2025-13631 - Chromium: CVE-2025-13631 Inappropriate implementation in Google Updater

CVE ID: CVE-2025-13631 (MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13631 Inappropriate implementation in Google Updater
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version: 143.0.3650.66
Date Released: 12/04/2025
Based on Chromium Version: 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13631
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
143.0.3650.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13631 None

CVE-2025-13630 - Chromium: CVE-2025-13630 Type Confusion in V8

CVE ID: CVE-2025-13630 (MITRE, NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-13630 Type Confusion in V8
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version: 143.0.3650.66
Date Released: 12/04/2025
Based on Chromium Version: 143.0.7499.40/.41

Mitigations:
None
Workarounds:
None
Revision:
1.0    04-Dec-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13630
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
143.0.3650.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13630 None

CVE-2025-59516 - Windows Storage VSP Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-59516 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59516
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59516 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-59517 - Windows Storage VSP Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-59517 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59517
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Elevation of Privilege 5068787

5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59517 Ezrak1e; Angelboy (@scwuaptx) with DEVCORE


CVE-2025-62455 - Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62455 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62455
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5071504 (Monthly Rollup)
5071507 (Security Only)
Important Elevation of Privilege 5068906
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23666
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup)
5071506 (Security Only)
Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62455 | T0


CVE-2025-62461 - Windows Projected File System Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62461 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62461
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62461 | ChenJian with Sea Security Orca Team


CVE-2025-62462 - Windows Projected File System Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62462 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62462
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62462 | ChenJian with Sea Security Orca Team


CVE-2025-62463 - DirectX Graphics Kernel Denial of Service Vulnerability

CVE ID: CVE-2025-62463 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 6.5 / TemporalScore: 5.7
Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to cause denial of service on the Hyper-V host environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62463
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Denial of Service | 5068781 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Denial of Service | 5068781 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Denial of Service | 5068865 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Denial of Service | 5068865 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Denial of Service | 5068787; 5068840 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Denial of Service | 5068787; 5068840 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Denial of Service | 5068779 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62463 | cyanbamboo and b2ahex


CVE-2025-62464 - Windows Projected File System Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62464 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62464
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62464 | ChenJian with Sea Security Orca Team


CVE-2025-62465 - DirectX Graphics Kernel Denial of Service Vulnerability

CVE ID: CVE-2025-62465 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 6.5 / TemporalScore: 5.7
Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to cause denial of service on the Hyper-V host environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Dec-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62465
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Denial of Service | 5068865 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Denial of Service | 5068865 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Denial of Service | 5068787; 5068840 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Denial of Service | 5068787; 5068840 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Denial of Service | 5068779 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Denial of Service | 5068861; 5068966 | Base: 6.5, Temporal: 5.7, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62465 cyanbamboo and b2ahex


CVE-2025-55233 - Windows Projected File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-55233
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-55233
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-55233 ChenJian with Sea Security Orca Team


CVE-2025-62467 - Windows Projected File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62467
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62467
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62467 ChenJian with Sea Security Orca Team


CVE-2025-62468 - Windows Defender Firewall Service Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62468
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Defender Firewall Service Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 4.4 / Temporal Score: 3.9
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally.


FAQ:

According to the CVSS metric, privileges required is high (PR:H). What privileges are required to exploit this vulnerability?

To successfully exploit the vulnerability, an attacker must be part of a specific user group.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62468
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Information Disclosure 5068865
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Information Disclosure 5068865
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Information Disclosure 5068779
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Information Disclosure 5068861 / 5068966
Base: 4.4
Temporal: 3.9
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62468 k0shl with Kunlun Lab


CVE-2025-62474 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62474
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62474
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for 32-bit Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Elevation of Privilege 5068781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Elevation of Privilege 5068865
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7462 / 10.0.26200.7392
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5071501 (Monthly Rollup) / 5071506 (Security Only) Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5071501 (Monthly Rollup) / 5071506 (Security Only) Important Elevation of Privilege 5068904
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28064
Yes None
Windows Server 2012 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 (Server Core installation) 5071505 (Monthly Rollup) Important Elevation of Privilege 5068907
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25815
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Elevation of Privilege 5068905
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Elevation of Privilege 5068864
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Elevation of Privilege 5068791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update) / 5071413 (Security Hotpatch Update) Important Elevation of Privilege 5068787 / 5068840
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4529 / 10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update) / 5072014 (Security Hotpatch Update) Important Elevation of Privilege 5068861 / 5068966
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462 / 10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62474 Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)


CVE-2025-62550 - Azure Monitor Agent Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62550
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure Monitor Agent Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


How could an attacker exploit this vulnerability?

An attacker with local network access to an Azure Linux Virtual Machine running Azure Monitor could exploit a heap overflow to escalate privileges to the syslog user, enabling execution of arbitrary commands.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62550
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Monitor Agent Release Notes (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.35.9
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62550 P1hcn


CVE-2025-62552 - Microsoft Access Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62552
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Access Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62552
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Access 2016 (32-bit edition) | 5002812 (Security Update) | Important | Remote Code Execution | 5002719 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Access 2016 (64-bit edition) | 5002812 (Security Update) | Important | Remote Code Execution | 5002719 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |

Acknowledgements

| CVE ID | Acknowledgements |
| --- | --- |
| CVE-2025-62552 | ErPaciocco |


CVE-2025-62553 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62553 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62553
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Excel 2016 (32-bit edition) | 5002820 (Security Update); 5002818 (Security Update) | Important | Remote Code Execution | 5002811; 5002810 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002820 (Security Update); 5002818 (Security Update) | Important | Remote Code Execution | 5002811; 5002810 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft Office LTSC for Mac 2024 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |

Acknowledgements

| CVE ID | Acknowledgements |
| --- | --- |
| CVE-2025-62553 | Haifei Li with EXPMON |


CVE-2025-62554 - Microsoft Office Remote Code Execution Vulnerability

CVE ID: CVE-2025-62554 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.4 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


How could an attacker exploit this vulnerability?

Exploitation of this vulnerability requires that an attacker send a malicious link to the victim via email, or that they convince the user to click the link, typically by way of an enticement in an email or Instant Messenger message. In the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link. This could result in the attacker executing remote code on the victim's machine. When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk (UI:N).


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62554
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002819 (Security Update) | Critical | Remote Code Execution | 5002809 | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1001 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002819 (Security Update) | Critical | Remote Code Execution | 5002809 | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1001 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | XXXXXX | Maybe | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | | Critical | Remote Code Execution | None | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft Office LTSC for Mac 2024 | | Critical | Remote Code Execution | None | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |

Acknowledgements

| CVE ID | Acknowledgements |
| --- | --- |
| CVE-2025-62554 | |

CVE-2025-62555 - Microsoft Word Remote Code Execution Vulnerability

CVE ID: CVE-2025-62555 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62555
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | | Important | Remote Code Execution | None | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft Office LTSC for Mac 2024 | | Important | Remote Code Execution | None | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft SharePoint Enterprise Server 2016 | 5002821 (Security Update); 5002804 (Security Update) | Important | Remote Code Execution | 5002805; 5002787 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002816 (Security Update); 5002802 (Security Update) | Important | Remote Code Execution | 5002803; 5002798 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20075 | Maybe | None |
| Microsoft Word 2016 (32-bit edition) | 5002806 (Security Update) | Important | Remote Code Execution | 5002789 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Word 2016 (64-bit edition) | 5002806 (Security Update) | Important | Remote Code Execution | 5002789 | Base: 7.0; Temporal: 6.1; Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |

Acknowledgements

| CVE ID | Acknowledgements |
| --- | --- |
| CVE-2025-62555 | Haifei Li with EXPMON |


CVE-2025-62556 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62556 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62556
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Excel 2016 (32-bit edition) | 5002820 (Security Update) | Important | Remote Code Execution | 5002811 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002820 (Security Update) | Important | Remote Code Execution | 5002811 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft Office LTSC for Mac 2024 | | Important | Remote Code Execution | None | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Office Online Server | 5002817 (Security Update) | Important | Remote Code Execution | 5002801 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20075 | Maybe | None |

Acknowledgements

| CVE ID | Acknowledgements |
| --- | --- |
| CVE-2025-62556 | wh1tc in Kunlun lab & devoke & Zhiniang Peng with HUST |


CVE-2025-62557 - Microsoft Office Remote Code Execution Vulnerability

CVE ID: CVE-2025-62557 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.4 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

How could an attacker exploit this vulnerability?

Exploitation of this vulnerability requires that an attacker send a malicious link to the victim via email, or that they convince the user to click the link, typically by way of an enticement in an email or Instant Messenger message. In the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link. This could result in the attacker executing remote code on the victim's machine. When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk (UI:N).


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| --- | --- | --- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62557
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002819 (Security Update) | Critical | Remote Code Execution | 5002809 | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1001 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002819 (Security Update) | Critical | Remote Code Execution | 5002809 | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5530.1001 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | XXXXXX | Maybe | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | | Critical | Remote Code Execution | None | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |
| Microsoft Office LTSC for Mac 2024 | | Critical | Remote Code Execution | None | Base: 8.4; Temporal: 7.3; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Unknown | Unknown | None |

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62557 Li Shuang, willJ and Guang Gong with Vulnerability Research Institute


CVE-2025-62558 - Microsoft Word Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62558
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62558
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft SharePoint Enterprise Server 2016 5002821 (Security Update)
5002804 (Security Update)
Important Remote Code Execution 5002805

5002787
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft SharePoint Server 2019 5002816 (Security Update)
5002802 (Security Update)
Important Remote Code Execution 5002803

5002798
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None
Microsoft Word 2016 (32-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Word 2016 (64-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62558 Haifei Li with EXPMON


CVE-2025-62559 - Microsoft Word Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62559
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62559
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft SharePoint Enterprise Server 2016 5002821 (Security Update)
5002804 (Security Update)
Important Remote Code Execution 5002805

5002787
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft SharePoint Server 2019 5002816 (Security Update)
5002802 (Security Update)
Important Remote Code Execution 5002803

5002798
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None
Microsoft Word 2016 (32-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Word 2016 (64-bit edition) 5002806 (Security Update) Important Remote Code Execution 5002789
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62559 Haifei Li with EXPMON


CVE-2025-62560 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62560
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office LTSC for Mac currently available?

The security updates for Microsoft Office LTSC for Mac 2021 and 2024 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62560
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002820 (Security Update) Important Remote Code Execution 5002811
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002820 (Security Update) Important Remote Code Execution 5002811
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5530.1000
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Microsoft Office LTSC for Mac 2024 Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown Unknown None
Office Online Server 5002817 (Security Update) Important Remote Code Execution 5002801
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20075
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62560

CVE-2025-62567 - Windows Hyper-V Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62567
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 5.3 / Temporal Score: 4.6
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62567
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for x64-based Systems 5071543 (Security Update) Important Denial of Service 5068864
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows 10 Version 1809 for x64-based Systems 5071544 (Security Update) Important Denial of Service 5068791
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows 10 Version 21H2 for x64-based Systems 5071546 (Security Update) Important Denial of Service 5068781
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6691
Yes None
Windows 10 Version 22H2 for x64-based Systems 5071546 (Security Update) Important Denial of Service 5068781
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6691
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5071417 (Security Update) Important Denial of Service 5068865
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 23H2 for x64-based Systems 5071417 (Security Update) Important Denial of Service 5068865
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6345
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service 5068861

5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service 5068861

5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service
5068861
5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service
5068861
5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2012 R2 5071503 (Monthly Rollup) Important Denial of Service 5068905
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2012 R2 (Server Core installation) 5071503 (Monthly Rollup) Important Denial of Service 5068905
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
6.3.9600.22920
Yes None
Windows Server 2016 5071543 (Security Update) Important Denial of Service 5068864
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2016 (Server Core installation) 5071543 (Security Update) Important Denial of Service 5068864
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8688
Yes None
Windows Server 2019 5071544 (Security Update) Important Denial of Service 5068791
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2019 (Server Core installation) 5071544 (Security Update) Important Denial of Service 5068791
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8146
Yes None
Windows Server 2022 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Denial of Service 5068787

5068840
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022 (Server Core installation) 5071547 (Security Update)
5071413 (Security Hotpatch Update)
Important Denial of Service 5068787

5068840
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4529

10.0.20348.4467
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Denial of Service 5068779
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service 5068861

5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Denial of Service 5068861

5068966
Base: 5.3
Temporal: 4.6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62567 Mitchell Turner with Prelude Research
Connor McGarr (https://x.com/33y0re) with Prelude Research (https://www.preludesecurity.com)


CVE-2025-62569 - Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62569
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62569
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 24H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows 11 Version 25H2 for x64-based Systems 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege
5068861
5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7462
10.0.26200.7392
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5071542 (Security Update) Important Elevation of Privilege 5068779
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.2025
Yes None
Windows Server 2025 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None
Windows Server 2025 (Server Core installation) 5072033 (Security Update)
5072014 (Security Hotpatch Update)
Important Elevation of Privilege 5068861

5068966
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7462

10.0.26100.7392
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62569 hazard


CVE-2025-62570 - Windows Camera Frame Server Monitor Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62570
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Camera Frame Server Monitor Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of certain kernel memory content.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62570
CVSS Score Set (all rows): Base 7.1 / Temporal 6.2 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Information Disclosure | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62570 Francisco José Carot Ripollés (RipFran) with KPMG Spain


CVE-2025-62565 - Windows File Explorer Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62565 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows File Explorer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.3 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing the file could trigger this vulnerability.


Mitigations: None
Workarounds: None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62565
CVSS Score Set (all rows): Base 7.3 / Temporal 6.4 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2016 | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows Server 2016 (Server Core installation) | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62565 Anonymous


CVE-2025-64661 - Windows Shell Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64661 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Shell Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.


Mitigations: None
Workarounds: None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64661
CVSS Score Set (all rows): Base 7.8 / Temporal 6.8 / Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2016 | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows Server 2016 (Server Core installation) | 5071543 (Security Update) | Important | Elevation of Privilege | 5068864 | 10.0.14393.8688 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64661 Anonymous


CVE-2025-64671 - GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

CVE ID: CVE-2025-64671 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: GitHub Copilot for Jetbrains Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.4 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


How could an attacker exploit this vulnerability?

Via a malicious cross-prompt injection in untrusted files or MCP servers, an attacker could execute additional commands by appending them to commands allowed by the user's terminal auto-approve setting.


Mitigations: None
Workarounds: None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: Yes
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64671
CVSS Score Set: Base 8.4 / Temporal 7.3 / Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
GitHub Copilot Plugin for JetBrains IDEs | Release Notes (Security Update) | Important | Remote Code Execution | (none listed) | 1.5.60-243 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64671 Ari Marzuk with https://maccarita.com/


CVE-2025-64672 - Microsoft SharePoint Server Spoofing Vulnerability

CVE ID: CVE-2025-64672 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.


FAQ:

How could an attacker exploit the vulnerability?

An attacker who successfully exploited this vulnerability might be able to run their scripts in the security context of the current user by enticing the user to click on a link, resulting in a cross-site scripting attack against the SharePoint Server.


According to the CVSS metric, the attack vector is network (AV:N) and the attack complexity is low (AC:L). What does that mean for this vulnerability?

The attack vector is Network (AV:N) because this vulnerability is remotely exploitable and can be exploited from the internet. The attack complexity is Low (AC:L) because an attacker does not require significant prior knowledge of the system and can achieve repeatable success with the payload against the vulnerable component.


Mitigations: None
Workarounds: None
Revision:
1.0    09-Dec-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64672
CVSS Score Set: Base 8.8 / Temporal 7.7 / Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
Microsoft SharePoint Server Subscription Edition | 5002815 (Security Update) | Important | Spoofing | 5002800 | 16.0.19127.20378 | Maybe | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64672 José Pedro Pereira Junior; https://www.linkedin.com/in/jose-pedro-pereira-jr/


CVE-2025-64678 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID: CVE-2025-64678 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.


FAQ:

How could an attacker exploit this vulnerability?

An attacker authenticated on the domain could exploit this vulnerability by tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations: None
Workarounds: None
Revision:
1.0    09-Dec-25    Information published. This CVE was addressed by updates that were released in November 2025, but the CVE was inadvertently omitted from the November 2025 Security Updates. This is an informational change only. Customers who have already installed the November 2025 update do not need to take any further action.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64678
CVSS Score Set (all rows): Base 8.8 / Temporal 7.7 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product | KB Article | Severity | Impact | Supersedence | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Remote Code Execution | 5066836 | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Remote Code Execution | 5066836 | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Remote Code Execution | 5066586 | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Remote Code Execution | 5066586 | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19043.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19043.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19043.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Remote Code Execution | 5066791 | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Remote Code Execution | 5066793 | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Remote Code Execution | 5066793 | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Remote Code Execution | 5066874 | 6.0.6003.23624 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Remote Code Execution | 5066874 | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Remote Code Execution | 5066874 | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Remote Code Execution | 5066874 | 6.0.6003.23624 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Remote Code Execution | 5066872 | 6.1.7601.28021 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Remote Code Execution | 5066872 | 6.1.7601.28021 | Yes | None
Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Remote Code Execution | 5066875 | 6.2.9200.25768 | Yes | None
Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Remote Code Execution | 5066875 | 6.2.9200.25768 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Remote Code Execution | 5066873 | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Remote Code Execution | 5066873 | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Remote Code Execution | 5066836 | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Remote Code Execution | 5066836 | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Remote Code Execution | 5066586 | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Remote Code Execution | 5066586 | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Remote Code Execution | 5066782 | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Remote Code Execution | 5066782 | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Remote Code Execution | 5066780 | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Remote Code Execution | 5066835 | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2025-64678 | Anonymous |


CVE-2025-64679 - Windows DWM Core Library Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64679 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows DWM Core Library Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published. This CVE was addressed by updates that were released in October 2025, but the CVE was inadvertently omitted from the October 2025 Security Updates. Microsoft strongly recommends that customers running affected versions of Windows install the October 2025 updates to be protected from this vulnerability.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64679
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 5066837 (Security Update) | Important | Elevation of Privilege | 5065430 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21161 | Yes | None |
| Windows 10 for x64-based Systems | 5066837 (Security Update) | Important | Elevation of Privilege | 5065430 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21161 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.6060 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.6060 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6060 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6060 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.6899 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.6899 | Yes | None |
| Windows Server 2016 | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows Server 2019 | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows Server 2022 | 5066782 (Security Update) | Important | Elevation of Privilege | 5065432 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4294 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5066782 (Security Update) | Important | Elevation of Privilege | 5065432 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4294 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5066780 (Security Update) | Important | Elevation of Privilege | 5065425 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1913 | Yes | None |
| Windows Server 2025 | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2025-64679 | namnp with Viettel Cyber Security |


CVE-2025-64680 - Windows DWM Core Library Elevation of Privilege Vulnerability

CVE ID: CVE-2025-64680 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows DWM Core Library Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64680
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 5066837 (Security Update) | Important | Elevation of Privilege | 5065430 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21161 | Yes | None |
| Windows 10 for x64-based Systems | 5066837 (Security Update) | Important | Elevation of Privilege | 5065430 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.10240.21161 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19043.6456 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5066791 (Security Update) | Important | Elevation of Privilege | 5065429 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6456 | Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.6060 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22621.6060 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6060 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5066793 (Security Update) | Important | Elevation of Privilege | 5065431 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6060 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.6899 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5066835 (Security Update) | Important | Elevation of Privilege | | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.6899 | Yes | None |
| Windows Server 2016 | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5066836 (Security Update) | Important | Elevation of Privilege | 5065427 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8519 | Yes | None |
| Windows Server 2019 | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5066586 (Security Update) | Important | Elevation of Privilege | 5065428 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.7919 | Yes | None |
| Windows Server 2022 | 5066782 (Security Update) | Important | Elevation of Privilege | 5065432 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4294 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5066782 (Security Update) | Important | Elevation of Privilege | 5065432 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4294 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5066780 (Security Update) | Important | Elevation of Privilege | 5065425 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1913 | Yes | None |
| Windows Server 2025 | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5066835 (Security Update) | Important | Elevation of Privilege | 5065426 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.6899 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2025-64680 | namnp with Viettel Cyber Security |


CVE-2025-54100 - PowerShell Remote Code Execution Vulnerability

CVE ID: CVE-2025-54100 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: PowerShell Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.


FAQ:

Is there more information I need to know after I install the Security Updates to address this vulnerability?

After you install the updates, when you use the Invoke-WebRequest command you will see the following confirmation prompt, which warns of the script execution risk:

```
Security Warning: Script Execution Risk
Invoke-WebRequest parses the content of the web page. Script code in the web page might be run when the page is parsed.
      RECOMMENDED ACTION:
      Use the -UseBasicParsing switch to avoid script code execution.
      Do you want to continue?
```

For additional details, see [KB5074596: PowerShell 5.1: Preventing script execution from web content](https://support.microsoft.com/help/5072034).

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


After I install security update 5074204 or 5074353 will a reboot be required?

Yes. After you install Security Update 5074204 or 5074353, you will be required to reboot your system.

Note that your PowerShell session itself does not require a reboot unless a particular utility DLL is loaded in memory during the session. Consistent with previous updates, only the presence of certain DLLs in use might trigger a reboot prompt.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | Yes | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-54100
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5071543 (Security Update) | Important | Remote Code Execution | 5068864 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5071543 (Security Update) | Important | Remote Code Execution | 5068864 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Remote Code Execution | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Remote Code Execution | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Remote Code Execution | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Remote Code Execution | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Remote Code Execution | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5074204 (Security Only) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7456 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5074204 (Security Only) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7456 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5074204 (Security Update) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7456 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5074204 (Security Only) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7456 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5071504 (Monthly Rollup); 5071507 (Security Only) | Important | Remote Code Execution | 5068906 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23666 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5071504 (Monthly Rollup); 5071507 (Security Only) | Important | Remote Code Execution | 5068906 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23666 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5071504 (Monthly Rollup); 5071507 (Security Only) | Important | Remote Code Execution | 5068906 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23666 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5071504 (Monthly Rollup); 5071507 (Security Only) | Important | Remote Code Execution | 5068906 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23666 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5071501 (Monthly Rollup); 5071506 (Security Only) | Important | Remote Code Execution | 5068904 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28064 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5071501 (Monthly Rollup); 5071506 (Security Only) | Important | Remote Code Execution | 5068904 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28064 | Yes | None |
| Windows Server 2012 | 5071505 (Monthly Rollup) | Important | Remote Code Execution | 5068907 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25815 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5071505 (Monthly Rollup) | Important | Remote Code Execution | 5068907 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25815 | Yes | None |
| Windows Server 2012 R2 | 5071503 (Monthly Rollup) | Important | Remote Code Execution | 5068905 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22920 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5071503 (Monthly Rollup) | Important | Remote Code Execution | 5068905 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22920 | Yes | None |
| Windows Server 2016 | 5071543 (Security Update) | Important | Remote Code Execution | 5068864 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5071543 (Security Update) | Important | Remote Code Execution | 5068864 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8688 | Yes | None |
| Windows Server 2019 | 5071544 (Security Update) | Important | Remote Code Execution | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Remote Code Execution | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None |
| Windows Server 2022 | 5071547 (Security Update); 5074353 (Security Only) | Important | Remote Code Execution | 5068787 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5074353 (Security Only) | Important | Remote Code Execution | 5068787 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Remote Code Execution | 5068779 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None |
| Windows Server 2025 | 5072033 (Security Update); 5074204 (Security Update) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7456 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5074204 (Security Update) | Important | Remote Code Execution | 5068861 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7456 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
|---|---|
| CVE-2025-54100 | Osman Eren Güneş; Melih Kaan Yıldız; Anonymous; Pēteris Hermanis Osipovs; DeadOverflow; Justin Necke |


CVE-2025-62221 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62221 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics:
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62221
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6691 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5071546 (Security Update) | Important | Elevation of Privilege | 5068781 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6691 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5071417 (Security Update) | Important | Elevation of Privilege | 5068865 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6345 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7462; 10.0.26200.7392 | Yes | None
Windows Server 2019 | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2019 (Server Core installation) | 5071544 (Security Update) | Important | Elevation of Privilege | 5068791 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8146 | Yes | None
Windows Server 2022 | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022 (Server Core installation) | 5071547 (Security Update); 5071413 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068787; 5068840 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4529; 10.0.20348.4467 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5071542 (Security Update) | Important | Elevation of Privilege | 5068779 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2025 | Yes | None
Windows Server 2025 | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None
Windows Server 2025 (Server Core installation) | 5072033 (Security Update); 5072014 (Security Hotpatch Update) | Important | Elevation of Privilege | 5068861; 5068966 | Base: 7.8; Temporal: 6.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7462; 10.0.26100.7392 | Yes | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62221 Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)


CVE-2025-12819 - Untrusted search path in auth_query connection in PgBouncer

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-12819
MITRE
NVD

Issuing CNA: PostgreSQL

CVE Title: Untrusted search path in auth_query connection in PgBouncer
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 7.5
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12819
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 pgbouncer 1.24.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.5; Temporal: 7.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None
cbl2 pgbouncer 1.24.1-1 on CBL Mariner 2.0 | | Important | Unknown | None | Base: 7.5; Temporal: 7.5; Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12819 None

CVE-2025-13836 - Excessive read buffering DoS in http.client

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-13836
MITRE
NVD

Issuing CNA: PSF

CVE Title: Excessive read buffering DoS in http.client
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.
3.0    07-Dec-25    Information published.
4.0    09-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13836
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 python3 3.12.9-5 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
azl3 python3 3.12.9-6 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
azl3 tensorflow 2.16.1-9 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
cbl2 python3 3.9.19-16 on CBL Mariner 2.0 | | Moderate | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
cbl2 python3 3.9.19-17 on CBL Mariner 2.0 | | Moderate | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13836 None

CVE-2025-13837 - Out-of-memory when loading Plist

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-13837
MITRE
NVD

Issuing CNA: PSF

CVE Title: Out-of-memory when loading Plist
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.
3.0    07-Dec-25    Information published.
4.0    09-Dec-25    Information published.


Low Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-13837
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 python3 3.12.9-5 on Azure Linux 3.0 | | Low | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
azl3 python3 3.12.9-6 on Azure Linux 3.0 | | Low | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
azl3 tensorflow 2.16.1-9 on Azure Linux 3.0 | | Low | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
cbl2 python3 3.9.19-16 on CBL Mariner 2.0 | | Low | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None
cbl2 python3 3.9.19-17 on CBL Mariner 2.0 | | Low | Unknown | None | Base: N/A; Temporal: N/A; Vector: N/A | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-13837 None

CVE-2025-66476 - Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-66476
MITRE
NVD

Issuing CNA: GitHub_M

CVE Title: Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 7.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    09-Dec-25    Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-66476
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 vim 9.1.1616-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.8; Temporal: 7.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None
cbl2 vim 9.1.1616-1 on CBL Mariner 2.0 | | Important | Unknown | None | Base: 7.8; Temporal: 7.8; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-66476 None

CVE-2025-40215 - xfrm: delete x->tunnel as we delete x

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40215
MITRE
NVD

Issuing CNA: Linux

CVE Title: xfrm: delete x->tunnel as we delete x
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    05-Dec-25    Information published.
3.0    07-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40215
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40215 None

CVE-2025-40218 - mm/damon/vaddr: do not repeat pte_offset_map_lock() until success

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40218
MITRE
NVD

Issuing CNA: Linux

CVE Title: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
CVSS:

CVSS:3.1 Highest Base Score: 4.1 / Temporal Score: 4.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40218
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Moderate | Unknown | | Base: 4.1; Temporal: 4.1; Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H | 6.6.117.1-1 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40218 None

CVE-2025-40262 - Input: imx_sc_key - fix memory corruption on unload

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40262
MITRE
NVD

Issuing CNA: Linux

CVE Title: Input: imx_sc_key - fix memory corruption on unload
CVSS:

CVSS:3.1 Highest Base Score: 9.8 / Temporal Score: 9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.


Critical Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40262
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Critical | Unknown | None | Base: 9.8; Temporal: 9.8; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Critical | Unknown | None | Base: 9.8; Temporal: 9.8; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40262 None

CVE-2025-40242 - gfs2: Fix unlikely race in gdlm_put_lock

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40242
MITRE
NVD

Issuing CNA: Linux

CVE Title: gfs2: Fix unlikely race in gdlm_put_lock
CVSS:

CVSS:3.1 Highest Base Score: 9.8 / Temporal Score: 9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.


Critical Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40242
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Critical | Unknown | None | Base: 9.8; Temporal: 9.8; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Critical | Unknown | None | Base: 9.8; Temporal: 9.8; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40242 None

CVE-2025-40240 - sctp: avoid NULL dereference when chunk data buffer is missing

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40240
MITRE
NVD

Issuing CNA: Linux

CVE Title: sctp: avoid NULL dereference when chunk data buffer is missing
CVSS:

CVSS:3.1 Highest Base Score: 8.6 / Temporal Score: 7.9
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40240
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Important | Unknown | | Base: 8.6; Temporal: 7.9; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U | 6.6.117.1-1 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40240 None

CVE-2025-40245 - nios2: ensure that memblock.current_limit is set when setting pfn limits

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40245
MITRE
NVD

Issuing CNA: Linux

CVE Title: nios2: ensure that memblock.current_limit is set when setting pfn limits
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40245
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Moderate | Unknown | | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 6.6.117.1-1 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40245 None

CVE-2025-40258 - mptcp: fix race condition in mptcp_schedule_work()

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40258
MITRE
NVD

Issuing CNA: Linux

CVE Title: mptcp: fix race condition in mptcp_schedule_work()
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 7.0
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40258
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.0; Temporal: 7.0; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.0; Temporal: 7.0; Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40258 None

CVE-2025-40254 - net: openvswitch: remove never-working support for setting nsh fields

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40254
MITRE
NVD

Issuing CNA: Linux

CVE Title: net: openvswitch: remove never-working support for setting nsh fields
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40254
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40254 None

CVE-2025-40252 - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40252
MITRE
NVD

Issuing CNA: Linux

CVE Title: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
CVSS:

CVSS:3.1 Highest Base Score: 6.1 / Temporal Score: 5.6
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40252
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 6.1; Temporal: 5.6; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 6.1; Temporal: 5.6; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40252 None

CVE-2025-40223 - most: usb: Fix use-after-free in hdm_disconnect

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40223
MITRE
NVD

Issuing CNA: Linux

CVE Title: most: usb: Fix use-after-free in hdm_disconnect
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 7.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40223
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Important | Unknown | | Base: 7.8; Temporal: 7.8; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 6.6.117.1-1 | No | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40223 None

CVE-2025-40264 - be2net: pass wrb_params in case of OS2BMC

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40264
MITRE
NVD

Issuing CNA: Linux

CVE Title: be2net: pass wrb_params in case of OS2BMC
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40264
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5; Temporal: 5.5; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40264 None

CVE-2025-40233 - ocfs2: clear extent cache after moving/defragmenting extents

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40233
MITRE
NVD

Issuing CNA: Linux

CVE Title: ocfs2: clear extent cache after moving/defragmenting extents
CVSS:

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 7.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40233
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 CBL-Mariner Releases (Security Update) Important Unknown Base: 7.1
Temporal: 7.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
6.6.117.1-1
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40233 None

CVE-2025-40247 - drm/msm: Fix pgtable prealloc error path

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40247
MITRE
NVD

Issuing CNA: Linux

CVE Title: drm/msm: Fix pgtable prealloc error path
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40247
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40247 None

CVE-2025-40250 - net/mlx5: Clean up only new IRQ glue on request_irq() failure

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40250
MITRE
NVD

Issuing CNA: Linux

CVE Title: net/mlx5: Clean up only new IRQ glue on request_irq() failure
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40250
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40250 None

CVE-2025-40251 - devlink: rate: Unset parent pointer in devl_rate_nodes_destroy

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40251
MITRE
NVD

Issuing CNA: Linux

CVE Title: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Critical Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40251
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Critical Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Unknown Unknown None
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Critical Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40251 None

CVE-2025-65637 - A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-65637
MITRE
NVD

Issuing CNA: mitre

CVE Title: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Dec-25    Information published.
2.0    08-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-65637
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 cni-plugins 1.4.0-3 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 containerized-data-importer 1.57.0-17 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 dcos-cli 1.2.0-19 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 flannel 0.24.2-21 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 influxdb 2.7.5-8 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 kata-containers 3.19.1.kata2-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 kata-containers-cc 3.15.0.aks0-5 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 kubernetes 1.30.10-16 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 libcontainers-common 20240213-3 on Azure Linux 3.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 cert-manager 1.11.2-24 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 cf-cli 8.4.0-25 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 cni-plugins 1.3.0-9 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 containerized-data-importer 1.55.0-26 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 cri-o 1.22.3-17 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 dcos-cli 1.2.0-22 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 flannel 0.14.0-26 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 influxdb 2.6.1-24 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 jx 3.2.236-23 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 kata-containers 3.2.0.azl2-7 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 kata-containers-cc 3.2.0.azl2-8 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 kubernetes 1.28.4-19 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 kube-vip-cloud-provider 0.0.2-23 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 kubevirt 0.59.0-31 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 local-path-provisioner 0.0.21-19 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 moby-buildx 0.7.1-26 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 moby-compose 2.17.3-12 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 prometheus 2.37.9-5 on CBL Mariner 2.0 Moderate Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-65637 None

CVE-2025-65082 - Apache HTTP Server: CGI environment variable override

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-65082
MITRE
NVD

Issuing CNA: apache

CVE Title: Apache HTTP Server: CGI environment variable override
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Dec-25    Information published.
2.0    08-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-65082
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 httpd 2.4.65-1 on Azure Linux 3.0 Moderate Unknown None Base: 6.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Unknown Unknown None
cbl2 httpd 2.4.65-1 on CBL Mariner 2.0 Moderate Unknown None Base: 6.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-65082 None

CVE-2025-59775 - Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59775
MITRE
NVD

Issuing CNA: apache

CVE Title: Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Dec-25    Information published.
2.0    08-Dec-25    Information published.

Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59775
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 httpd 2.4.65-1 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None
cbl2 httpd 2.4.65-1 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59775 None

CVE-2025-40277 - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40277
MITRE
NVD

Issuing CNA: Linux

CVE Title: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.7
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: Low
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    Information published.
2.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40277
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.3
Temporal: 6.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40277 None

CVE-2025-40287 - exfat: fix improper check of dentry.stream.valid_size

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40287
MITRE
NVD

Issuing CNA: Linux

CVE Title: exfat: fix improper check of dentry.stream.valid_size
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    Information published.
2.0    08-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40287
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40287 None

CVE-2025-40275 - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40275
MITRE
NVD

Issuing CNA: Linux

CVE Title: ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    Information published.
2.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40275
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40275 None

CVE-2025-40285 - smb/server: fix possible refcount leak in smb2_sess_setup()

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40285
MITRE
NVD

Issuing CNA: Linux

CVE Title: smb/server: fix possible refcount leak in smb2_sess_setup()
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    Information published.
2.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40285
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40285 None

CVE-2025-40307 - exfat: validate cluster allocation bits of the allocation bitmap

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40307
MITRE
NVD

Issuing CNA: Linux

CVE Title: exfat: validate cluster allocation bits of the allocation bitmap
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40307
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40307 None

CVE-2025-40314 - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40314
MITRE
NVD

Issuing CNA: Linux

CVE Title: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40314
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Important Unknown None Base: 7.8
Temporal: 7.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40314 None

CVE-2025-40301 - Bluetooth: hci_event: validate skb length for unknown CC opcode

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40301
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: hci_event: validate skb length for unknown CC opcode
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40301
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.1
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40301 None

CVE-2025-40297 - net: bridge: fix use-after-free due to MST port state bypass

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40297
MITRE
NVD

Issuing CNA: Linux

CVE Title: net: bridge: fix use-after-free due to MST port state bypass
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40297
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.0
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40297 None

CVE-2025-40303 - btrfs: ensure no dirty metadata is written back for an fs with errors

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40303
MITRE
NVD

Issuing CNA: Linux

CVE Title: btrfs: ensure no dirty metadata is written back for an fs with errors
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40303
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40303 None

CVE-2025-61729 - Excessive resource consumption when printing error string for host certificate validation in crypto/x509

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-61729
MITRE
NVD

Issuing CNA: Go

CVE Title: Excessive resource consumption when printing error string for host certificate validation in crypto/x509
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.
3.0    07-Dec-25    Information published.
4.0    09-Dec-25    Information published.

Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-61729
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 gcc 13.2.0-7 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 golang 1.23.12-1 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 golang 1.25.3-1 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 golang 1.25.5-1 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
azl3 tensorflow 2.16.1-9 on Azure Linux 3.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 gcc 11.2.0-8 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 gcc 11.2.0-9 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 golang 1.18.8-10 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 golang 1.22.7-5 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 msft-golang 1.24.11-1 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 msft-golang 1.24.9-1 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0 Important Unknown None Base: 7.5
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-61729 None

CVE-2025-66293 - LIBPNG has an out-of-bounds read in png_image_read_composite

CVE ID: CVE-2025-66293 (references: MITRE, NVD)
Issuing CNA: GitHub_M
CVE Title: LIBPNG has an out-of-bounds read in png_image_read_composite
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 7.1 / Temporal Score 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.
3.0    06-Dec-25    Information published.
4.0    07-Dec-25    Information published.
5.0    08-Dec-25    Information published.
6.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-66293
Product: azl3 libpng 1.6.40-1 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Important | Impact: Unknown
CVSS Score Set: Base 7.1 / Temporal 7.1 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Fixed Build: 1.6.52-1 | Restart Required: No | Known Issue: None

Product: cbl2 libpng 1.6.51-1 on CBL Mariner 2.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Moderate | Impact: Unknown
CVSS Score Set: Base 7.1 / Temporal 6.5 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U
Fixed Build: 1.6.52-1 | Restart Required: No | Known Issue: None

Products (every row in this group has the values listed after it):
  azl3 qtbase 6.6.3-4 on Azure Linux 3.0
  azl3 syslinux 6.04-11 on Azure Linux 3.0
  azl3 tensorflow 2.16.1-9 on Azure Linux 3.0
  cbl2 qt5-qtbase 5.12.11-18 on CBL Mariner 2.0
  cbl2 syslinux 6.04-10 on CBL Mariner 2.0
  cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0
Severity: Important | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 7.1 / Temporal 7.1 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-66293 None

CVE-2025-40217 - pidfs: validate extensible ioctls

CVE ID: CVE-2025-40217 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: pidfs: validate extensible ioctls
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 5.5 / Temporal Score 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    05-Dec-25    Information published.
2.0    06-Dec-25    Information published.
3.0    07-Dec-25    Information published.
4.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40217
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Moderate | Impact: Unknown
CVSS Score Set: Base 5.5 / Temporal 5.5 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: 6.6.117.1-1 | Restart Required: No | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40217 None
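The Fixed Build column in these tables (6.6.117.1-1 for the kernel rows, 1.6.52-1 for libpng, Unknown where no fix is listed) is only useful when the installed version is compared with RPM's ordering rules rather than as a string: 6.6.112.1-2 must sort below 6.6.117.1-1, a dist-tagged release such as 1.azl3 must still count as at least 1 because the page prints Fixed Build without the tag, and a pre-release marker (~) must sort before its base version. The Python below is an added example for this page, not part of the report or of the distribution's own tooling. It reimplements rpm's rpmvercmp() and epoch:version-release comparison and applies it to rows constructed from the tables on this page. The installed versions fed to assess() are constructed sample input; on a real host they would come from `rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' kernel libpng`, and the .azl3/.cm2 dist tags used in the sample are an assumption about that output.

```python
"""Compare installed package versions with the Fixed Build values listed on
this page using RPM version ordering. Added example; not part of the MSRC
report or of the distribution's own tooling."""
import re

# Rows constructed from the Affected Software tables on this page:
# (CVE, product cell as printed, fixed build cell as printed).
AFFECTED = [
    ("CVE-2025-40217", "azl3 kernel 6.6.112.1-2 on Azure Linux 3.0", "6.6.117.1-1"),
    ("CVE-2025-66293", "azl3 libpng 1.6.40-1 on Azure Linux 3.0", "1.6.52-1"),
    ("CVE-2025-66293", "cbl2 libpng 1.6.51-1 on CBL Mariner 2.0", "1.6.52-1"),
    ("CVE-2025-66293", "azl3 qtbase 6.6.3-4 on Azure Linux 3.0", "Unknown"),
]
PRODUCT_RE = re.compile(r"^(?P<dist>azl3|cbl2) (?P<name>\S+) (?P<vr>\S+) on .+$")


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): walk alternating numeric/alpha segments;
    '~' sorts before anything (even end of string); '^' sorts after end of
    string but before any other segment. Returns -1, 0 or 1."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Skip separators (anything that is not alphanumeric, '~' or '^').
        while i < len(a) and not (a[i].isalnum() or a[i] in "~^"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] in "~^"):
            j += 1
        if (i < len(a) and a[i] == "~") or (j < len(b) and b[j] == "~"):
            if i >= len(a) or a[i] != "~":
                return 1
            if j >= len(b) or b[j] != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if (i < len(a) and a[i] == "^") or (j < len(b) and b[j] == "^"):
            if i >= len(a):
                return -1
            if j >= len(b):
                return 1
            if a[i] != "^":
                return 1
            if b[j] != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        # Grab one wholly numeric or wholly alphabetic segment from each side.
        isnum = a[i].isdigit()
        same_kind = str.isdigit if isnum else str.isalpha
        start_a, start_b = i, j
        while i < len(a) and same_kind(a[i]):
            i += 1
        while j < len(b) and same_kind(b[j]):
            j += 1
        seg_a, seg_b = a[start_a:i], b[start_b:j]
        if not seg_b:                      # mixed types: numeric beats alpha
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):   # more significant digits wins
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:                 # same length: plain string order
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1        # whichever side has leftovers wins


def split_evr(evr: str) -> tuple:
    """'epoch:version-release' -> (epoch, version, release); epoch defaults to 0."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    version, _, release = evr.rpartition("-")
    if not version:                        # no '-' present: whole string is the version
        version, release = release, ""
    return epoch, version, release


def compare_evr(a: str, b: str) -> int:
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def assess(installed: dict, rows=AFFECTED) -> list:
    """installed maps (dist, package) -> 'version-release' as rpm reports it
    (dist tags such as '.azl3' / '.cm2' are assumed; the ordering copes with them).
    Returns (cve, dist, package, status) for every listed row that is installed."""
    findings = []
    for cve, product, fixed in rows:
        m = PRODUCT_RE.match(product)
        if not m:
            raise ValueError(f"unparsable product cell: {product!r}")
        key = (m["dist"], m["name"])
        if key not in installed:
            continue
        if fixed == "Unknown":
            status = "no fix listed"
        elif compare_evr(installed[key], fixed) >= 0:
            status = "fixed"
        else:
            status = "vulnerable"
        findings.append((cve, key[0], key[1], status))
    return findings


if __name__ == "__main__":
    # Constructed sample of what `rpm -q --qf '%{VERSION}-%{RELEASE}'` might report.
    sample = {("azl3", "kernel"): "6.6.112.1-2.azl3", ("azl3", "libpng"): "1.6.52-1.azl3",
              ("cbl2", "libpng"): "1.6.51-1.cm2", ("azl3", "qtbase"): "6.6.3-4.azl3"}
    for finding in assess(sample):
        print(*finding)
```

The `>=` comparison is deliberate: a release of 1.azl3 is treated as at least the printed 1, so a host on the fixed build with a dist tag is not reported as vulnerable. Rows whose Fixed Build is Unknown are reported as "no fix listed" rather than guessed at, since the page gives nothing to compare against.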

CVE-2025-40220 - fuse: fix livelock in synchronous file put from fuseblk workers

CVE ID: CVE-2025-40220 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: fuse: fix livelock in synchronous file put from fuseblk workers
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 5.5 / Temporal Score 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    05-Dec-25    Information published.
2.0    05-Dec-25    Information published.
3.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40220
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Moderate | Impact: Unknown
CVSS Score Set: Base 5.5 / Temporal 5.5 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: 6.6.117.1-1 | Restart Required: No | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40220 None

CVE-2025-40219 - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV

CVE ID: CVE-2025-40219 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 5.5 / Temporal Score 5.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    05-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40219
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Moderate | Impact: Unknown
CVSS Score Set: Base 5.5 / Temporal 5.1 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U
Fixed Build: 6.6.117.1-1 | Restart Required: No | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40219 None

CVE-2025-34297 - KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc

CVE ID: CVE-2025-34297 (references: MITRE, NVD)
Issuing CNA: VulnCheck
CVE Title: KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc
Maximum Severity Rating: Important
Vulnerability Impact: Unknown

CVSS: None

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    05-Dec-25    Information published.
2.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-34297
Products (every row in this group has the values listed after it):
  azl3 tensorflow 2.16.1-9 on Azure Linux 3.0
  cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0
Severity: Important | Impact: Unknown | Supercedence: None
CVSS Score Set: Base N/A / Temporal N/A / Vector N/A
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-34297 None

CVE-2025-12385 - Improper validation of tag size in Text component parser

CVE ID: CVE-2025-12385 (references: MITRE, NVD)
Issuing CNA: TQtC
CVE Title: Improper validation of tag size in Text component parser
Maximum Severity Rating: Important
Vulnerability Impact: Unknown

CVSS: None

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    08-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12385
Products (every row in this group has the values listed after it):
  azl3 qtdeclarative 6.6.1-1 on Azure Linux 3.0
  cbl2 qt5-qtbase 5.12.11-18 on CBL Mariner 2.0
  cbl2 qt5-qtdeclarative 5.12.5-5 on CBL Mariner 2.0
Severity: Important | Impact: Unknown | Supercedence: None
CVSS Score Set: Base N/A / Temporal N/A / Vector N/A
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12385 None

CVE-2025-40261 - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()

CVE ID: CVE-2025-40261 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.6 / Temporal Score 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40261
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 6.6 / Temporal 6.1 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40261 None

CVE-2025-40257 - mptcp: fix a race in mptcp_pm_del_add_timer()

CVE ID: CVE-2025-40257 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: mptcp: fix a race in mptcp_pm_del_add_timer()
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.3 / Temporal Score 6.3
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40257
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 6.3 / Temporal 6.3 / Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40257 None

CVE-2025-40259 - scsi: sg: Do not sleep in atomic context

CVE ID: CVE-2025-40259 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: scsi: sg: Do not sleep in atomic context
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.2 / Temporal Score 6.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40259
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 6.2 / Temporal 6.2 / Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40259 None

CVE-2025-40244 - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()

CVE ID: CVE-2025-40244 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Maximum Severity Rating: Critical
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 9.8 / Temporal Score 9.8
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40244
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Critical | Impact: Unknown
CVSS Score Set: Base 9.8 / Temporal 9.8 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed Build: 6.6.117.1-1 | Restart Required: No | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40244 None

CVE-2025-40248 - vsock: Ignore signal/timeout on connect() if already established

CVE ID: CVE-2025-40248 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: vsock: Ignore signal/timeout on connect() if already established
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.3 / Temporal Score 6.3
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40248
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 6.3 / Temporal 6.3 / Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40248 None

CVE-2025-40243 - hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()

CVE ID: CVE-2025-40243 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.6 / Temporal Score 6.6
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40243
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
KB Article: CBL-Mariner Releases (Security Update) | Severity: Moderate | Impact: Unknown
CVSS Score Set: Base 6.6 / Temporal 6.6 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
Fixed Build: 6.6.117.1-1 | Restart Required: No | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40243 None

CVE-2025-40253 - s390/ctcm: Fix double-kfree

CVE ID: CVE-2025-40253 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: s390/ctcm: Fix double-kfree
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 5.5 / Temporal Score 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40253
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 5.5 / Temporal 5.5 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40253 None

CVE-2025-40266 - KVM: arm64: Check the untrusted offset in FF-A memory share

CVE ID: CVE-2025-40266 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: KVM: arm64: Check the untrusted offset in FF-A memory share
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 7.1 / Temporal Score 6.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40266
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 7.1 / Temporal 6.5 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40266 None

CVE-2025-40263 - Input: cros_ec_keyb - fix an invalid memory access

CVE ID: CVE-2025-40263 (references: MITRE, NVD)
Issuing CNA: Linux
CVE Title: Input: cros_ec_keyb - fix an invalid memory access
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 5.5 / Temporal Score 5.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40263
Products (every row in this group has the values listed after it):
  azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
  azl3 kernel 6.6.117.1-1 on Azure Linux 3.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 5.5 / Temporal 5.1 / Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40263 None

CVE-2025-61727 - Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

CVE ID: CVE-2025-61727 (references: MITRE, NVD)
Issuing CNA: Go
CVE Title: Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: CVSS:3.1, highest Base Score 6.5 / Temporal Score 6.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None
Temporal score metrics: none listed

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    08-Dec-25    Information published.
4.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-61727
Products (every row in this group has the values listed after it):
  azl3 gcc 13.2.0-7 on Azure Linux 3.0
  azl3 golang 1.23.12-1 on Azure Linux 3.0
  azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0
  azl3 tensorflow 2.16.1-9 on Azure Linux 3.0
  cbl2 gcc 11.2.0-9 on CBL Mariner 2.0
  cbl2 golang 1.18.8-10 on CBL Mariner 2.0
  cbl2 golang 1.22.7-5 on CBL Mariner 2.0
  cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0
  cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 6.5 / Temporal 6.5 / Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Products (every row in this group has the values listed after it):
  azl3 golang 1.25.5-1 on Azure Linux 3.0
  cbl2 msft-golang 1.24.11-1 on CBL Mariner 2.0
Severity: Low | Impact: Unknown | Supercedence: None
CVSS Score Set: Base 3.4 / Temporal 3.4 / Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-61727 None

CVE-2025-12084 - Quadratic complexity in node ID cache clearing

CVE ID: CVE-2025-12084 (references: MITRE, NVD)
Issuing CNA: PSF
CVE Title: Quadratic complexity in node ID cache clearing
Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

CVSS: None

Executive Summary: None
FAQ: None
Mitigations: None
Workarounds: None

Revision:
1.0    06-Dec-25    Information published.
2.0    07-Dec-25    Information published.
3.0    08-Dec-25    Information published.
4.0    09-Dec-25    Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected | Publicly Disclosed: No | Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12084
Products (every row in this group has the values listed after it):
  azl3 python3 3.12.9-6 on Azure Linux 3.0
  azl3 tensorflow 2.16.1-9 on Azure Linux 3.0
  cbl2 python3 3.9.19-17 on CBL Mariner 2.0
Severity: Moderate | Impact: Unknown | Supercedence: None
CVSS Score Set: Base N/A / Temporal N/A / Vector N/A
Fixed Build: Unknown | Restart Required: Unknown | Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12084 None

CVE-2025-66200 - Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-66200
MITRE
NVD

Issuing CNA: apache

CVE Title: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
CVSS:

CVSS:3.1 Highest Base Score: 5.4 / Temporal Score: 5.4
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: Low
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Dec-25    

Information published.


2.0    08-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-66200
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 httpd 2.4.65-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.4
Temporal: 5.4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Unknown Unknown None
cbl2 httpd 2.4.65-1 on CBL Mariner 2.0 Moderate Unknown None Base: 5.4
Temporal: 5.4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-66200 None

CVE-2025-40273 - NFSD: free copynotify stateid in nfs4_free_ol_stateid()

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40273
MITRE
NVD

Issuing CNA: Linux

CVE Title: NFSD: free copynotify stateid in nfs4_free_ol_stateid()
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40273
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.0
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40273 None

CVE-2025-40280 - tipc: Fix use-after-free in tipc_mon_reinit_self().

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40280
MITRE
NVD

Issuing CNA: Linux

CVE Title: tipc: Fix use-after-free in tipc_mon_reinit_self().
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40280
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.0
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40280 None

CVE-2025-40281 - sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40281
MITRE
NVD

Issuing CNA: Linux

CVE Title: sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40281
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.0
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40281 None

CVE-2025-40269 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40269
MITRE
NVD

Issuing CNA: Linux

CVE Title: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
CVSS:

CVSS:3.1 Highest Base Score: 4.3 / Temporal Score: 4.3
Base score metrics
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40269
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 4.3
Temporal: 4.3
Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40269 None

CVE-2025-40289 - drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40289
MITRE
NVD

Issuing CNA: Linux

CVE Title: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    08-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40289
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40289 None

CVE-2025-40278 - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40278
MITRE
NVD

Issuing CNA: Linux

CVE Title: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40278
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40278 None

CVE-2025-40268 - cifs: client: fix memory leak in smb3_fs_context_parse_param

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40268
MITRE
NVD

Issuing CNA: Linux

CVE Title: cifs: client: fix memory leak in smb3_fs_context_parse_param
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40268
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40268 None

CVE-2025-40272 - mm/secretmem: fix use-after-free race in fault handler

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40272
MITRE
NVD

Issuing CNA: Linux

CVE Title: mm/secretmem: fix use-after-free race in fault handler
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 7.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Important Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40272
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Important Unknown None Base: 7.8
Temporal: 7.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40272 None

CVE-2025-40288 - drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40288
MITRE
NVD

Issuing CNA: Linux

CVE Title: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
CVSS:

CVSS:3.1 Highest Base Score: 4.7 / Temporal Score: 4.7
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40288
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 4.7
Temporal: 4.7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40288 None

CVE-2025-40284 - Bluetooth: MGMT: cancel mesh send timer when hdev removed

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40284
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: MGMT: cancel mesh send timer when hdev removed
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40284
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40284 None

CVE-2025-40283 - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40283
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
CVSS:

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40283
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 7.1
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40283 None

CVE-2025-40286 - smb/server: fix possible memory leak in smb2_read()

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40286
MITRE
NVD

Issuing CNA: Linux

CVE Title: smb/server: fix possible memory leak in smb2_read()
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40286
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40286 None

CVE-2025-40279 - net: sched: act_connmark: initialize struct tc_ife to fix kernel leak

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40279
MITRE
NVD

Issuing CNA: Linux

CVE Title: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40279
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40279 None

CVE-2025-40282 - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40282
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Dec-25    

Information published.


2.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40282
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40282 None

CVE-2023-53749 - x86: fix clear_user_rep_good() exception handling annotation

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-53749
MITRE
NVD

Issuing CNA: Linux

CVE Title: x86: fix clear_user_rep_good() exception handling annotation
CVSS:

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-53749
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 7.1
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-53749 None

CVE-2025-40308 - Bluetooth: bcsp: receive data only if registered

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40308
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: bcsp: receive data only if registered
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40308
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40308 None

CVE-2025-40309 - Bluetooth: SCO: Fix UAF on sco_conn_free

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40309
MITRE
NVD

Issuing CNA: Linux

CVE Title: Bluetooth: SCO: Fix UAF on sco_conn_free
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40309
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.112.1-2 on Azure Linux 3.0 Moderate Unknown None Base: 5.5
Temporal: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40309 None

CVE-2025-40305 - 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40305
MITRE
NVD

Issuing CNA: Linux

CVE Title: 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40305
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 Moderate Unknown None Base: 7.0
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-40305 None

CVE-2025-40293 - iommufd: Don't overflow during division for dirty tracking

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-40293
MITRE
NVD

Issuing CNA: Linux

CVE Title: iommufd: Don't overflow during division for dirty tracking
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    

Information published.


Moderate Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40293
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40293
Acknowledgements: None

CVE-2025-40292 - virtio-net: fix received length check in big packets

CVE ID: CVE-2025-40292
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: virtio-net: fix received length check in big packets
CVSS:

CVSS:3.1 Highest BaseScore: 7.0 / TemporalScore: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40292
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 7.0 / Temporal: 6.4 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40292
Acknowledgements: None

CVE-2025-40306 - orangefs: fix xattr related buffer overflow...

CVE ID: CVE-2025-40306
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: orangefs: fix xattr related buffer overflow...
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40306
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40306
Acknowledgements: None

CVE-2025-40319 - bpf: Sync pending IRQ work before freeing ring buffer

CVE ID: CVE-2025-40319
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: bpf: Sync pending IRQ work before freeing ring buffer
CVSS:

CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 7.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40319
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Important
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 7.8 / Temporal: 7.1 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40319
Acknowledgements: None

CVE-2025-40312 - jfs: Verify inode mode when loading from disk

CVE ID: CVE-2025-40312
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: jfs: Verify inode mode when loading from disk
CVSS:

CVSS:3.1 Highest BaseScore: 7.1 / TemporalScore: 7.1
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40312
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Important
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 7.1 / Temporal: 7.1 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40312
Acknowledgements: None

CVE-2025-40315 - usb: gadget: f_fs: Fix epfile null pointer access after ep enable.

CVE ID: CVE-2025-40315
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40315
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40315
Acknowledgements: None

CVE-2025-40317 - regmap: slimbus: fix bus_context pointer in regmap init calls

CVE ID: CVE-2025-40317
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: regmap: slimbus: fix bus_context pointer in regmap init calls
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40317
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40317
Acknowledgements: None

CVE-2025-40321 - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode

CVE ID: CVE-2025-40321
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
CVSS:

CVSS:3.1 Highest BaseScore: 6.5 / TemporalScore: 6.5
Base score metrics
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40321
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 6.5 / Temporal: 6.5 / Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40321
Acknowledgements: None

CVE-2025-40304 - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds

CVE ID: CVE-2025-40304
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40304
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40304
Acknowledgements: None

CVE-2025-40313 - ntfs3: pretend $Extend records as regular files

CVE ID: CVE-2025-40313
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: ntfs3: pretend $Extend records as regular files
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40313
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40313
Acknowledgements: None

CVE-2025-40294 - Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()

CVE ID: CVE-2025-40294
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40294
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40294
Acknowledgements: None

CVE-2025-40310 - amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw

CVE ID: CVE-2025-40310
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40310
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40310
Acknowledgements: None

CVE-2025-40323 - fbcon: Set fb_display[i]->mode to NULL when the mode is released

CVE ID: CVE-2025-40323
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: fbcon: Set fb_display[i]->mode to NULL when the mode is released
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40323
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40323
Acknowledgements: None

CVE-2025-40311 - accel/habanalabs: support mapping cb with vmalloc-backed coherent memory

CVE ID: CVE-2025-40311
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40311
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40311
Acknowledgements: None

CVE-2025-40322 - fbdev: bitblit: bound-check glyph index in bit_putcs*

CVE ID: CVE-2025-40322
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: fbdev: bitblit: bound-check glyph index in bit_putcs*
CVSS:

CVSS:3.1 Highest BaseScore: 7.1 / TemporalScore: 6.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40322
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 7.1 / Temporal: 6.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40322
Acknowledgements: None

CVE-2025-40324 - NFSD: Fix crash in nfsd4_read_release()

CVE ID: CVE-2025-40324
References: MITRE, NVD

Issuing CNA: Linux

CVE Title: NFSD: Fix crash in nfsd4_read_release()
CVSS:

CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Dec-25    Information published.

Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Detected
Publicly Disclosed: No
Exploited: Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40324
Product: azl3 kernel 6.6.112.1-2 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supercedence: None
CVSS Score Set: Base: 5.5 / Temporal: 5.5 / Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID: CVE-2025-40324
Acknowledgements: None