7.5
CVE-2025-55231
- EPSS 0.06%
- Published 21.08.2025 19:50:40
- Last modified 22.08.2025 18:08:51
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorMicrosoft
≫
Product
Windows Server 2019
Version <
10.0.17763.7558
Version
10.0.17763.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2019 (Server Core installation)
Version <
10.0.17763.7558
Version
10.0.17763.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2022
Version <
10.0.20348.3932
Version
10.0.20348.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2025 (Server Core installation)
Version <
10.0.26100.4652
Version
10.0.26100.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2025
Version <
10.0.26100.4652
Version
10.0.26100.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2016
Version <
10.0.14393.8246
Version
10.0.14393.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2016 (Server Core installation)
Version <
10.0.14393.8246
Version
10.0.14393.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2012 R2
Version <
6.3.9600.22676
Version
6.3.9600.0
Status
affected
VendorMicrosoft
≫
Product
Windows Server 2012 R2 (Server Core installation)
Version <
6.3.9600.22676
Version
6.3.9600.0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.189 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| secure@microsoft.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.