7.5
CVE-2025-55231
- EPSS 0.06%
- Veröffentlicht 21.08.2025 19:50:40
- Zuletzt bearbeitet 22.08.2025 18:08:51
- Quelle secure@microsoft.com
- Teams Watchlist Login
- Unerledigt Login
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMicrosoft
≫
Produkt
Windows Server 2019
Version <
10.0.17763.7558
Version
10.0.17763.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2019 (Server Core installation)
Version <
10.0.17763.7558
Version
10.0.17763.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2022
Version <
10.0.20348.3932
Version
10.0.20348.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2025 (Server Core installation)
Version <
10.0.26100.4652
Version
10.0.26100.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2025
Version <
10.0.26100.4652
Version
10.0.26100.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2016
Version <
10.0.14393.8246
Version
10.0.14393.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2016 (Server Core installation)
Version <
10.0.14393.8246
Version
10.0.14393.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2012 R2
Version <
6.3.9600.22676
Version
6.3.9600.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2012 R2 (Server Core installation)
Version <
6.3.9600.22676
Version
6.3.9600.0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.