8.8

CVE-2025-62456

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMicrosoft
Produkt Windows 11 Version 25H2
Version < 10.0.26200.7462
Version 10.0.26200.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2022
Version < 10.0.20348.4529
Version 10.0.20348.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2025 (Server Core installation)
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 version 22H3
Version < 10.0.22631.6345
Version 10.0.22631.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 Version 23H2
Version < 10.0.22631.6345
Version 10.0.22631.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2022, 23H2 Edition (Server Core installation)
Version < 10.0.25398.2025
Version 10.0.25398.0
Status affected
HerstellerMicrosoft
Produkt Windows 11 Version 24H2
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
HerstellerMicrosoft
Produkt Windows Server 2025
Version < 10.0.26100.7462
Version 10.0.26100.0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.25
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().