8.4
CVE-2025-24084
- EPSS 0.33%
- Veröffentlicht 11.03.2025 16:59:17
- Zuletzt bearbeitet 07.07.2025 17:29:07
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 11 22h2 Version < 10.0.22621.5039
Microsoft ≫ Windows 11 23h2 Version < 10.0.22631.5039
Microsoft ≫ Windows 11 24h2 HwPlatformarm64 Version < 10.0.26100.3403
Microsoft ≫ Windows 11 24h2 HwPlatformx64 Version < 10.0.26100.3403
Microsoft ≫ Windows Server 2022 Version < 10.0.20348.3270
Microsoft ≫ Windows Server 2022 23h2 Version < 10.0.25398.1486
Microsoft ≫ Windows Server 2025 Version < 10.0.26100.3403
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.559 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-822 Untrusted Pointer Dereference
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.