7.8
CVE-2025-55677
- EPSS 0.06%
- Veröffentlicht 14.10.2025 17:00:18
- Zuletzt bearbeitet 24.10.2025 15:18:30
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Windows Device Association Broker Service Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 11 24h2 Version < 10.0.26100.6899
Microsoft ≫ Windows 11 25h2 Version < 10.0.26200.6899
Microsoft ≫ Windows Server 2025 Version < 10.0.26100.6899
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.198 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-822 Untrusted Pointer Dereference
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.