7.8
CVE-2025-64680
- EPSS 0.06%
- Veröffentlicht 09.12.2025 17:56:08
- Zuletzt bearbeitet 09.12.2025 18:36:29
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMicrosoft
≫
Produkt
Windows 10 Version 1809
Version <
10.0.17763.7919
Version
10.0.17763.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2019
Version <
10.0.17763.7919
Version
10.0.17763.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2019 (Server Core installation)
Version <
10.0.17763.7919
Version
10.0.17763.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2022
Version <
10.0.20348.4294
Version
10.0.20348.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 10 Version 21H2
Version <
10.0.19043.6456
Version
10.0.19044.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 11 version 22H2
Version <
10.0.22621.6060
Version
10.0.22621.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 10 Version 22H2
Version <
10.0.19045.6456
Version
10.0.19045.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2025 (Server Core installation)
Version <
10.0.26100.6899
Version
10.0.26100.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 11 Version 25H2
Version <
10.0.26200.6899
Version
10.0.26200.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 11 version 22H3
Version <
10.0.22631.6060
Version
10.0.22631.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 11 Version 23H2
Version <
10.0.22631.6060
Version
10.0.22631.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2022, 23H2 Edition (Server Core installation)
Version <
10.0.25398.1913
Version
10.0.25398.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 11 Version 24H2
Version <
10.0.26100.6899
Version
10.0.26100.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2025
Version <
10.0.26100.6899
Version
10.0.26100.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 10 Version 1507
Version <
10.0.10240.21161
Version
10.0.10240.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows 10 Version 1607
Version <
10.0.14393.8519
Version
10.0.14393.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2016
Version <
10.0.14393.8519
Version
10.0.14393.0
Status
affected
HerstellerMicrosoft
≫
Produkt
Windows Server 2016 (Server Core installation)
Version <
10.0.14393.8519
Version
10.0.14393.0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.187 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().