Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-2884 (GCVE-0-2025-2884)
Vulnerability from cvelistv5 – Published: 2025-06-10 17:29 – Updated: 2025-06-13 18:22
VLAI?
EPSS
Summary
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trusted Computing Group | TPM2.0 |
Affected:
0 , < 1.83
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-06-10T19:02:29.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
},
{
"url": "https://www.kb.cert.org/vuls/id/282450"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-2884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T01:41:10.489446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T01:46:13.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TPM2.0",
"vendor": "Trusted Computing Group",
"versions": [
{
"lessThan": "1.83",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCG TPM2.0 Reference implementation\u0027s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key\u0027s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0"
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2884",
"selections": [
{
"name": "Exploitation",
"namespace": "ssvc",
"values": [
"none"
],
"version": "1.0.0"
},
{
"name": "Automatable",
"namespace": "ssvc",
"values": [
"no"
],
"version": "2.0.0"
},
{
"name": "Technical Impact",
"namespace": "ssvc",
"values": [
"partial"
],
"version": "1.0.0"
},
{
"name": "Mission \u0026 Well-being",
"namespace": "ssvc",
"values": [
"medium"
],
"version": "1.0.0"
}
],
"timestamp": "2025-06-13T17:22:30.584Z"
},
"type": "ssvcV1_0_1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125 Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T18:22:21.856Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://trustedcomputinggroup.org/about/security/"
},
{
"name": "TPM2.0 Errata",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf"
},
{
"name": "Vendor Advisory",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf"
},
{
"name": "Vendor Patch",
"url": "https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1"
},
{
"name": "Related CVE",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49133"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation",
"x_generator": {
"engine": "VINCE 3.0.20",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-2884"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-2884",
"datePublished": "2025-06-10T17:29:19.463Z",
"dateReserved": "2025-03-27T21:01:41.908Z",
"dateUpdated": "2025-06-13T18:22:21.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-2884\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2025-06-10T18:15:30.617\",\"lastModified\":\"2025-06-13T18:15:21.710\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"TCG TPM2.0 Reference implementation\u0027s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key\u0027s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n auxiliar CryptHmacSign de la implementaci\u00f3n de referencia TCG TPM2.0 es vulnerable a lecturas fuera de los l\u00edmites debido a la falta de validaci\u00f3n del esquema de firma con el algoritmo de la clave de firma. Consulte la errata 1.83 del est\u00e1ndar TCG TPM2.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1\",\"source\":\"cret@cert.org\"},{\"url\":\"https://trustedcomputinggroup.org/about/security/\",\"source\":\"cret@cert.org\"},{\"url\":\"https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf\",\"source\":\"cret@cert.org\"},{\"url\":\"https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.cve.org/CVERecord?id=CVE-2025-49133\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/282450\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/282450\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-06-10T19:02:29.811Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-2884\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-13T01:41:10.489446Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-11T15:04:54.186Z\"}}], \"cna\": {\"title\": \"Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation\", \"source\": {\"discovery\": \"INTERNAL\"}, \"metrics\": [{\"other\": {\"type\": \"ssvcV1_0_1\", \"content\": {\"id\": \"CVE-2025-2884\", \"timestamp\": \"2025-06-13T17:22:30.584Z\", \"selections\": [{\"name\": \"Exploitation\", \"values\": [\"none\"], \"version\": \"1.0.0\", \"namespace\": \"ssvc\"}, {\"name\": \"Automatable\", \"values\": [\"no\"], \"version\": \"2.0.0\", \"namespace\": \"ssvc\"}, {\"name\": \"Technical Impact\", \"values\": [\"partial\"], \"version\": \"1.0.0\", \"namespace\": \"ssvc\"}, {\"name\": \"Mission \u0026 Well-being\", \"values\": [\"medium\"], \"version\": \"1.0.0\", \"namespace\": \"ssvc\"}]}}}], \"affected\": [{\"vendor\": \"Trusted Computing Group\", \"product\": \"TPM2.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.83\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://trustedcomputinggroup.org/about/security/\"}, {\"url\": \"https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf\", \"name\": \"TPM2.0 Errata\"}, {\"url\": \"https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf\", \"name\": \"Vendor Advisory\"}, {\"url\": \"https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1\", \"name\": \"Vendor Patch\"}, {\"url\": \"https://www.cve.org/CVERecord?id=CVE-2025-49133\", \"name\": \"Related CVE\"}], \"x_generator\": {\"env\": \"prod\", \"engine\": \"VINCE 3.0.20\", \"origin\": \"https://cveawg.mitre.org/api/cve/CVE-2025-2884\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"TCG TPM2.0 Reference implementation\u0027s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key\u0027s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"shortName\": \"certcc\", \"dateUpdated\": \"2025-06-13T18:22:21.856Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-2884\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-13T18:22:21.856Z\", \"dateReserved\": \"2025-03-27T21:01:41.908Z\", \"assignerOrgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"datePublished\": \"2025-06-10T17:29:19.463Z\", \"assignerShortName\": \"certcc\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0879
Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Microsoft indique que les vulnérabilités CVE-2025-24990, CVE-2025-47827 et CVE-2025-59230 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.21161 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25722 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 1.000 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 6.3.9600.22824 | ||
| Microsoft | Windows | Windows Server 2022 versions antérieures à 10.0.20348.4294 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.4294 | ||
| Microsoft | Windows | Windows App Client pour Windows Desktop versions antérieures à 2.0.706.0 | ||
| Microsoft | Windows | Remote Desktop client pour Windows Desktop versions antérieures à 1.2.6599.0 | ||
| Microsoft | Windows | Windows Server 2016 versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27974 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1913 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.6899 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.6060 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.6060 | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22824 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.6060 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27974 | ||
| Microsoft | Windows | Windows Server 2019 versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2012 versions antérieures à 6.2.9200.25722 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.21161 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.21161",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25722",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22824",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.4294",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.4294",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows App Client pour Windows Desktop versions ant\u00e9rieures \u00e0 2.0.706.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.6599.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27974",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1913",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22824",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27974",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25722",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.21161",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-55691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55691"
},
{
"name": "CVE-2025-58738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58738"
},
{
"name": "CVE-2025-58729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58729"
},
{
"name": "CVE-2025-55684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55684"
},
{
"name": "CVE-2025-59197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59197"
},
{
"name": "CVE-2025-55679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55679"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2025-58719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58719"
},
{
"name": "CVE-2025-59190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59190"
},
{
"name": "CVE-2025-58736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58736"
},
{
"name": "CVE-2025-59254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59254"
},
{
"name": "CVE-2025-59206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59206"
},
{
"name": "CVE-2025-59295",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59295"
},
{
"name": "CVE-2025-59287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59287"
},
{
"name": "CVE-2025-55678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55678"
},
{
"name": "CVE-2025-59208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59208"
},
{
"name": "CVE-2025-58731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58731"
},
{
"name": "CVE-2025-55339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55339"
},
{
"name": "CVE-2025-59191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59191"
},
{
"name": "CVE-2025-55676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55676"
},
{
"name": "CVE-2025-58730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58730"
},
{
"name": "CVE-2025-59187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59187"
},
{
"name": "CVE-2025-55685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55685"
},
{
"name": "CVE-2025-59257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59257"
},
{
"name": "CVE-2025-58735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58735"
},
{
"name": "CVE-2025-58717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58717"
},
{
"name": "CVE-2025-59199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59199"
},
{
"name": "CVE-2025-59278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59278"
},
{
"name": "CVE-2025-59198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59198"
},
{
"name": "CVE-2025-58725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58725"
},
{
"name": "CVE-2025-55332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55332"
},
{
"name": "CVE-2025-59230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59230"
},
{
"name": "CVE-2025-55690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55690"
},
{
"name": "CVE-2025-58732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58732"
},
{
"name": "CVE-2025-59194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59194"
},
{
"name": "CVE-2025-59258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59258"
},
{
"name": "CVE-2025-55687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55687"
},
{
"name": "CVE-2025-55335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55335"
},
{
"name": "CVE-2025-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53139"
},
{
"name": "CVE-2025-59192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59192"
},
{
"name": "CVE-2025-59255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59255"
},
{
"name": "CVE-2025-58726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58726"
},
{
"name": "CVE-2025-47979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47979"
},
{
"name": "CVE-2025-59186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59186"
},
{
"name": "CVE-2025-58716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58716"
},
{
"name": "CVE-2025-58733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58733"
},
{
"name": "CVE-2025-59201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59201"
},
{
"name": "CVE-2025-58720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58720"
},
{
"name": "CVE-2025-59207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59207"
},
{
"name": "CVE-2025-55333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55333"
},
{
"name": "CVE-2025-59200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59200"
},
{
"name": "CVE-2025-59282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59282"
},
{
"name": "CVE-2025-55682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55682"
},
{
"name": "CVE-2025-55694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55694"
},
{
"name": "CVE-2025-58737",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58737"
},
{
"name": "CVE-2025-55331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55331"
},
{
"name": "CVE-2025-59261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59261"
},
{
"name": "CVE-2025-55325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55325"
},
{
"name": "CVE-2025-59259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59259"
},
{
"name": "CVE-2025-55334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55334"
},
{
"name": "CVE-2025-59205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59205"
},
{
"name": "CVE-2025-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48813"
},
{
"name": "CVE-2025-48004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48004"
},
{
"name": "CVE-2025-59260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59260"
},
{
"name": "CVE-2025-55688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55688"
},
{
"name": "CVE-2025-55701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55701"
},
{
"name": "CVE-2025-59189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59189"
},
{
"name": "CVE-2025-55330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55330"
},
{
"name": "CVE-2025-55698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55698"
},
{
"name": "CVE-2025-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49708"
},
{
"name": "CVE-2025-59195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59195"
},
{
"name": "CVE-2025-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50152"
},
{
"name": "CVE-2025-59294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59294"
},
{
"name": "CVE-2025-59214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59214"
},
{
"name": "CVE-2025-55693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55693"
},
{
"name": "CVE-2025-59204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59204"
},
{
"name": "CVE-2025-55336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55336"
},
{
"name": "CVE-2025-24052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24052"
},
{
"name": "CVE-2025-55338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55338"
},
{
"name": "CVE-2025-55692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55692"
},
{
"name": "CVE-2025-55326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55326"
},
{
"name": "CVE-2025-59244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59244"
},
{
"name": "CVE-2025-55696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55696"
},
{
"name": "CVE-2025-59184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59184"
},
{
"name": "CVE-2025-59209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59209"
},
{
"name": "CVE-2025-55686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55686"
},
{
"name": "CVE-2025-47827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47827"
},
{
"name": "CVE-2025-59277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59277"
},
{
"name": "CVE-2025-59253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59253"
},
{
"name": "CVE-2025-50174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50174"
},
{
"name": "CVE-2025-59241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59241"
},
{
"name": "CVE-2025-58728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58728"
},
{
"name": "CVE-2025-53150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53150"
},
{
"name": "CVE-2025-59242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59242"
},
{
"name": "CVE-2025-55677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55677"
},
{
"name": "CVE-2025-59185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59185"
},
{
"name": "CVE-2025-55681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55681"
},
{
"name": "CVE-2025-58718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58718"
},
{
"name": "CVE-2025-55700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55700"
},
{
"name": "CVE-2025-59502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59502"
},
{
"name": "CVE-2025-59275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59275"
},
{
"name": "CVE-2025-59284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59284"
},
{
"name": "CVE-2025-55340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55340"
},
{
"name": "CVE-2025-58734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58734"
},
{
"name": "CVE-2025-55697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55697"
},
{
"name": "CVE-2025-59203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59203"
},
{
"name": "CVE-2025-58715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58715"
},
{
"name": "CVE-2025-55695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55695"
},
{
"name": "CVE-2025-59289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59289"
},
{
"name": "CVE-2025-58714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58714"
},
{
"name": "CVE-2025-25004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25004"
},
{
"name": "CVE-2025-53768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53768"
},
{
"name": "CVE-2025-55699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55699"
},
{
"name": "CVE-2025-50175",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50175"
},
{
"name": "CVE-2025-59211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59211"
},
{
"name": "CVE-2025-58739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58739"
},
{
"name": "CVE-2025-59202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59202"
},
{
"name": "CVE-2025-59193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59193"
},
{
"name": "CVE-2025-55683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55683"
},
{
"name": "CVE-2025-59280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59280"
},
{
"name": "CVE-2025-24990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24990"
},
{
"name": "CVE-2025-59210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59210"
},
{
"name": "CVE-2025-58722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58722"
},
{
"name": "CVE-2025-59188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59188"
},
{
"name": "CVE-2025-55689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55689"
},
{
"name": "CVE-2025-58727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58727"
},
{
"name": "CVE-2025-55328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55328"
},
{
"name": "CVE-2025-59290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59290"
},
{
"name": "CVE-2025-55680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55680"
},
{
"name": "CVE-2025-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2884"
},
{
"name": "CVE-2025-53717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53717"
},
{
"name": "CVE-2025-59196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59196"
},
{
"name": "CVE-2025-55337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55337"
},
{
"name": "CVE-2016-9535",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9535"
},
{
"name": "CVE-2025-54957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54957"
}
],
"initial_release_date": "2025-10-15T00:00:00",
"last_revision_date": "2025-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0879",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2025-24990, CVE-2025-47827 et CVE-2025-59230 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59205",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59205"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55682",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55682"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58727",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58727"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59204",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59204"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59275",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59275"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50175",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50175"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55697",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55697"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58737",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58737"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55326",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55326"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53139",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53139"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59502",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59502"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55328",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55328"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59261",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59261"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59214"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58718",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58718"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58738",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58738"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55687",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55687"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59255",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59255"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-48004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48004"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59284",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59284"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58720",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58720"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55688",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55688"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55700",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55700"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59259",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59259"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59196",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59196"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55336",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55336"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55696",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55696"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55685",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55685"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55694",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55694"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47827",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47827"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59254",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59254"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55340",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55340"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58722",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58722"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55690",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55690"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55692",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55692"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59184",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59184"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59192",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59192"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55683",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55683"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58731",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58731"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-54957",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54957"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58714",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58714"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55689",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55689"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55693",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55693"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59194",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59194"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59289"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59211",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59211"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59197",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59197"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58736",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58736"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58716",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58716"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55333",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55333"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59190",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59190"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59198",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59198"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58729",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58729"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53150",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53150"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59202",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59202"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58730",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58730"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58733",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58733"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59200",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59200"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55701",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55701"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58734",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58734"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55698",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55698"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-25004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25004"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59209"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59290",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59290"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59191",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59191"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55332",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55332"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55678",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55678"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59278",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59278"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59242",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59242"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55331",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55331"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58715",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58715"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59230",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47979",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47979"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59188",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59188"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59201",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59201"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55677",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55677"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59244"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58719",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58719"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58739",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58739"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24052",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24052"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58735",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58735"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55691",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55691"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55676",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55676"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55337",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55337"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59241",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59241"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55335",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55335"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59206",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59206"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59295",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59295"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55681",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55681"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55330",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55330"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59280",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59280"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59258",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59258"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59282",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59282"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59186",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59186"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55699",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55699"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24990",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59203",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59203"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59260",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59260"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55248",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58726",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58726"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55684",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55684"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59277",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59277"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-48813",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48813"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59193",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59193"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59189",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59189"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55339",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55339"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58728",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58728"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59207",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59207"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55338"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59210",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59210"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58717",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58717"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2016-9535",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-9535"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58725",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58725"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-2884",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2884"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53768",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53768"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59257",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59257"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55686",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55686"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59185",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59185"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55680",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55680"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59294",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59294"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-49708",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49708"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55334",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55334"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59187"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50174",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50174"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53717",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53717"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59253",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59253"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58732",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58732"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55679",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55679"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59195",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59195"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50152",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50152"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59199",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59199"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55695",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55695"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55325",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55325"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59208",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59208"
}
]
}
CERTFR-2025-AVI-0497
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les processeurs Intel. Elle permet à un attaquant de provoquer un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "les processeurs Intel sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2884"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0497",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les processeurs Intel. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service.",
"title": "Vuln\u00e9rabilit\u00e9 dans les processeurs Intel",
"vendor_advisories": [
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01209",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
}
]
}
CERTFR-2025-AVI-0879
Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Microsoft indique que les vulnérabilités CVE-2025-24990, CVE-2025-47827 et CVE-2025-59230 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.21161 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25722 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 1.000 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 6.3.9600.22824 | ||
| Microsoft | Windows | Windows Server 2022 versions antérieures à 10.0.20348.4294 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.4294 | ||
| Microsoft | Windows | Windows App Client pour Windows Desktop versions antérieures à 2.0.706.0 | ||
| Microsoft | Windows | Remote Desktop client pour Windows Desktop versions antérieures à 1.2.6599.0 | ||
| Microsoft | Windows | Windows Server 2016 versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27974 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1913 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.6456 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.6899 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.6456 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.6060 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23571 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.6060 | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22824 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.6060 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.6899 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27974 | ||
| Microsoft | Windows | Windows Server 2019 versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.8519 | ||
| Microsoft | Windows | Windows Server 2012 versions antérieures à 6.2.9200.25722 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.7919 | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.21161 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.21161",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25722",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22824",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.4294",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.4294",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows App Client pour Windows Desktop versions ant\u00e9rieures \u00e0 2.0.706.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.6599.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27974",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1913",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.6456",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23571",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22824",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.6060",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.6899",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27974",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.8519",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25722",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.7919",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.21161",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-55691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55691"
},
{
"name": "CVE-2025-58738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58738"
},
{
"name": "CVE-2025-58729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58729"
},
{
"name": "CVE-2025-55684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55684"
},
{
"name": "CVE-2025-59197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59197"
},
{
"name": "CVE-2025-55679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55679"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2025-58719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58719"
},
{
"name": "CVE-2025-59190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59190"
},
{
"name": "CVE-2025-58736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58736"
},
{
"name": "CVE-2025-59254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59254"
},
{
"name": "CVE-2025-59206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59206"
},
{
"name": "CVE-2025-59295",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59295"
},
{
"name": "CVE-2025-59287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59287"
},
{
"name": "CVE-2025-55678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55678"
},
{
"name": "CVE-2025-59208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59208"
},
{
"name": "CVE-2025-58731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58731"
},
{
"name": "CVE-2025-55339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55339"
},
{
"name": "CVE-2025-59191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59191"
},
{
"name": "CVE-2025-55676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55676"
},
{
"name": "CVE-2025-58730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58730"
},
{
"name": "CVE-2025-59187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59187"
},
{
"name": "CVE-2025-55685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55685"
},
{
"name": "CVE-2025-59257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59257"
},
{
"name": "CVE-2025-58735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58735"
},
{
"name": "CVE-2025-58717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58717"
},
{
"name": "CVE-2025-59199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59199"
},
{
"name": "CVE-2025-59278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59278"
},
{
"name": "CVE-2025-59198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59198"
},
{
"name": "CVE-2025-58725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58725"
},
{
"name": "CVE-2025-55332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55332"
},
{
"name": "CVE-2025-59230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59230"
},
{
"name": "CVE-2025-55690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55690"
},
{
"name": "CVE-2025-58732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58732"
},
{
"name": "CVE-2025-59194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59194"
},
{
"name": "CVE-2025-59258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59258"
},
{
"name": "CVE-2025-55687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55687"
},
{
"name": "CVE-2025-55335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55335"
},
{
"name": "CVE-2025-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53139"
},
{
"name": "CVE-2025-59192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59192"
},
{
"name": "CVE-2025-59255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59255"
},
{
"name": "CVE-2025-58726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58726"
},
{
"name": "CVE-2025-47979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47979"
},
{
"name": "CVE-2025-59186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59186"
},
{
"name": "CVE-2025-58716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58716"
},
{
"name": "CVE-2025-58733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58733"
},
{
"name": "CVE-2025-59201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59201"
},
{
"name": "CVE-2025-58720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58720"
},
{
"name": "CVE-2025-59207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59207"
},
{
"name": "CVE-2025-55333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55333"
},
{
"name": "CVE-2025-59200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59200"
},
{
"name": "CVE-2025-59282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59282"
},
{
"name": "CVE-2025-55682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55682"
},
{
"name": "CVE-2025-55694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55694"
},
{
"name": "CVE-2025-58737",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58737"
},
{
"name": "CVE-2025-55331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55331"
},
{
"name": "CVE-2025-59261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59261"
},
{
"name": "CVE-2025-55325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55325"
},
{
"name": "CVE-2025-59259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59259"
},
{
"name": "CVE-2025-55334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55334"
},
{
"name": "CVE-2025-59205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59205"
},
{
"name": "CVE-2025-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48813"
},
{
"name": "CVE-2025-48004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48004"
},
{
"name": "CVE-2025-59260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59260"
},
{
"name": "CVE-2025-55688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55688"
},
{
"name": "CVE-2025-55701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55701"
},
{
"name": "CVE-2025-59189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59189"
},
{
"name": "CVE-2025-55330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55330"
},
{
"name": "CVE-2025-55698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55698"
},
{
"name": "CVE-2025-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49708"
},
{
"name": "CVE-2025-59195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59195"
},
{
"name": "CVE-2025-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50152"
},
{
"name": "CVE-2025-59294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59294"
},
{
"name": "CVE-2025-59214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59214"
},
{
"name": "CVE-2025-55693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55693"
},
{
"name": "CVE-2025-59204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59204"
},
{
"name": "CVE-2025-55336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55336"
},
{
"name": "CVE-2025-24052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24052"
},
{
"name": "CVE-2025-55338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55338"
},
{
"name": "CVE-2025-55692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55692"
},
{
"name": "CVE-2025-55326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55326"
},
{
"name": "CVE-2025-59244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59244"
},
{
"name": "CVE-2025-55696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55696"
},
{
"name": "CVE-2025-59184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59184"
},
{
"name": "CVE-2025-59209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59209"
},
{
"name": "CVE-2025-55686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55686"
},
{
"name": "CVE-2025-47827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47827"
},
{
"name": "CVE-2025-59277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59277"
},
{
"name": "CVE-2025-59253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59253"
},
{
"name": "CVE-2025-50174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50174"
},
{
"name": "CVE-2025-59241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59241"
},
{
"name": "CVE-2025-58728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58728"
},
{
"name": "CVE-2025-53150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53150"
},
{
"name": "CVE-2025-59242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59242"
},
{
"name": "CVE-2025-55677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55677"
},
{
"name": "CVE-2025-59185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59185"
},
{
"name": "CVE-2025-55681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55681"
},
{
"name": "CVE-2025-58718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58718"
},
{
"name": "CVE-2025-55700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55700"
},
{
"name": "CVE-2025-59502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59502"
},
{
"name": "CVE-2025-59275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59275"
},
{
"name": "CVE-2025-59284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59284"
},
{
"name": "CVE-2025-55340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55340"
},
{
"name": "CVE-2025-58734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58734"
},
{
"name": "CVE-2025-55697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55697"
},
{
"name": "CVE-2025-59203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59203"
},
{
"name": "CVE-2025-58715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58715"
},
{
"name": "CVE-2025-55695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55695"
},
{
"name": "CVE-2025-59289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59289"
},
{
"name": "CVE-2025-58714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58714"
},
{
"name": "CVE-2025-25004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25004"
},
{
"name": "CVE-2025-53768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53768"
},
{
"name": "CVE-2025-55699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55699"
},
{
"name": "CVE-2025-50175",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50175"
},
{
"name": "CVE-2025-59211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59211"
},
{
"name": "CVE-2025-58739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58739"
},
{
"name": "CVE-2025-59202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59202"
},
{
"name": "CVE-2025-59193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59193"
},
{
"name": "CVE-2025-55683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55683"
},
{
"name": "CVE-2025-59280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59280"
},
{
"name": "CVE-2025-24990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24990"
},
{
"name": "CVE-2025-59210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59210"
},
{
"name": "CVE-2025-58722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58722"
},
{
"name": "CVE-2025-59188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59188"
},
{
"name": "CVE-2025-55689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55689"
},
{
"name": "CVE-2025-58727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58727"
},
{
"name": "CVE-2025-55328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55328"
},
{
"name": "CVE-2025-59290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59290"
},
{
"name": "CVE-2025-55680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55680"
},
{
"name": "CVE-2025-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2884"
},
{
"name": "CVE-2025-53717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53717"
},
{
"name": "CVE-2025-59196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59196"
},
{
"name": "CVE-2025-55337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55337"
},
{
"name": "CVE-2016-9535",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9535"
},
{
"name": "CVE-2025-54957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54957"
}
],
"initial_release_date": "2025-10-15T00:00:00",
"last_revision_date": "2025-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0879",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2025-24990, CVE-2025-47827 et CVE-2025-59230 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59205",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59205"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55682",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55682"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58727",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58727"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59204",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59204"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59275",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59275"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50175",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50175"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55697",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55697"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58737",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58737"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55326",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55326"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53139",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53139"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59502",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59502"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55328",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55328"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59261",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59261"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59214"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58718",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58718"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58738",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58738"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55687",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55687"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59255",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59255"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-48004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48004"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59284",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59284"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58720",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58720"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55688",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55688"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55700",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55700"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59259",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59259"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59196",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59196"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55336",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55336"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55696",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55696"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55685",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55685"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55694",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55694"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47827",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47827"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59254",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59254"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55340",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55340"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58722",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58722"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55690",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55690"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55692",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55692"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59184",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59184"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59192",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59192"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55683",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55683"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58731",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58731"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-54957",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54957"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58714",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58714"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55689",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55689"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55693",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55693"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59194",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59194"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59289"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59211",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59211"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59197",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59197"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58736",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58736"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58716",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58716"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55333",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55333"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59190",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59190"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59198",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59198"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58729",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58729"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53150",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53150"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59202",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59202"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58730",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58730"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58733",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58733"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59200",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59200"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55701",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55701"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58734",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58734"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55698",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55698"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-25004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25004"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59209"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59290",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59290"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59191",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59191"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55332",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55332"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55678",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55678"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59278",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59278"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59242",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59242"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55331",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55331"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58715",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58715"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59230",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47979",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47979"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59188",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59188"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59201",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59201"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55677",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55677"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59244"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58719",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58719"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58739",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58739"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24052",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24052"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58735",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58735"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55691",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55691"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55676",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55676"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55337",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55337"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59241",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59241"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55335",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55335"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59206",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59206"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59295",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59295"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55681",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55681"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55330",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55330"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59280",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59280"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59258",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59258"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59282",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59282"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59186",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59186"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55699",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55699"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24990",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59203",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59203"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59260",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59260"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55248",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58726",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58726"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55684",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55684"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59277",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59277"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-48813",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48813"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59193",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59193"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59189",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59189"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55339",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55339"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58728",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58728"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59207",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59207"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55338"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59210",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59210"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58717",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58717"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2016-9535",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-9535"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58725",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58725"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-2884",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2884"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53768",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53768"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59257",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59257"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55686",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55686"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59185",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59185"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55680",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55680"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59294",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59294"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-49708",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49708"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55334",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55334"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59187"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50174",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50174"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-53717",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53717"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59253",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59253"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-58732",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58732"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55679",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55679"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59195",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59195"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-50152",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50152"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59199",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59199"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55695",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55695"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-55325",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55325"
},
{
"published_at": "2025-10-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-59208",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59208"
}
]
}
CERTFR-2025-AVI-0497
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les processeurs Intel. Elle permet à un attaquant de provoquer un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "les processeurs Intel sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-2884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2884"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0497",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les processeurs Intel. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service.",
"title": "Vuln\u00e9rabilit\u00e9 dans les processeurs Intel",
"vendor_advisories": [
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01209",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
}
]
}
NCSC-2025-0357
Vulnerability from csaf_ncscnl - Published: 2025-11-11 18:14 - Updated: 2025-11-11 18:14Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als Altair Grid Engine, COMOS, LOGO, SICAM, SIDOOR, SIMATIC, SIPLUS, Spectrum Power en Solid Edge.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- (Remote) code execution (root/admin rechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Verhogen van rechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-125
Out-of-bounds Read
CWE-184
Incomplete List of Disallowed Inputs
CWE-209
Generation of Error Message Containing Sensitive Information
CWE-266
Incorrect Privilege Assignment
CWE-295
Improper Certificate Validation
CWE-306
Missing Authentication for Critical Function
CWE-319
Cleartext Transmission of Sensitive Information
CWE-352
Cross-Site Request Forgery (CSRF)
CWE-420
Unprotected Alternate Channel
CWE-427
Uncontrolled Search Path Element
CWE-648
Incorrect Use of Privileged APIs
CWE-697
Incorrect Comparison
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als Altair Grid Engine, COMOS, LOGO, SICAM, SIDOOR, SIMATIC, SIPLUS, Spectrum Power en Solid Edge.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (root/admin rechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Verhogen van rechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Incomplete List of Disallowed Inputs",
"title": "CWE-184"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "Incorrect Privilege Assignment",
"title": "CWE-266"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Unprotected Alternate Channel",
"title": "CWE-420"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "Incorrect Use of Privileged APIs",
"title": "CWE-648"
},
{
"category": "general",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-201498.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-267056.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-339694.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-514895.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-522291.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-682326.html"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-11-11T18:14:44.487803Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0357",
"initial_release_date": "2025-11-11T18:14:44.487803Z",
"revision_history": [
{
"date": "2025-11-11T18:14:44.487803Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Altair Grid Engine"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "COMOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "INTRALOG WMS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "JT2Go (Application)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "LOGO! 12/24RCE (6ED1052-1MD08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "LOGO! 230RCE (6ED1052-1FB08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "LOGO! 230RCEo (6ED1052-2FB08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "LOGO! 24CE (6ED1052-1CC08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "LOGO! 24CEo (6ED1052-2CC08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "LOGO! 24RCE (6ED1052-1HB08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "LOGO! 24RCEo (6ED1052-2HB08-0BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q100 (7KG9501-0AA01-0AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q100 (7KG9501-0AA31-0AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "POWER METER SICAM Q200 family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Power Meter Sicam Q100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Power Meter Sicam Q200 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Q200 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "SICAM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA00-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA10-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA10-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA30-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8500-0AA30-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA01-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA02-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-32"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA02-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-33"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA11-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-34"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA11-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-35"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA12-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-36"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA12-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-37"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA31-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-38"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA31-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-39"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA32-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-40"
}
}
],
"category": "product_name",
"name": "SICAM P850 (7KG8501-0AA32-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-41"
}
}
],
"category": "product_name",
"name": "SICAM P850 Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-42"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-43"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA00-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-44"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA10-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-45"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA10-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-46"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA30-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-47"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8550-0AA30-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-48"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-49"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA01-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-50"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA02-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-51"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA02-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-52"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA11-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-53"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA11-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-54"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA12-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-55"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA12-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-56"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA31-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-57"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA31-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-58"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA32-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-59"
}
}
],
"category": "product_name",
"name": "SICAM P855 (7KG8551-0AA32-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-60"
}
}
],
"category": "product_name",
"name": "SICAM P855 Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-61"
}
}
],
"category": "product_name",
"name": "SIDIS Prime"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-62"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-63"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-64"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-65"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-66"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-67"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-68"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-69"
}
}
],
"category": "product_name",
"name": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-70"
}
}
],
"category": "product_name",
"name": "Sidis Prime"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-71"
}
}
],
"category": "product_name",
"name": "Siemens SICAM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-72"
}
}
],
"category": "product_name",
"name": "Siemens Software Center"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-73"
}
}
],
"category": "product_name",
"name": "Siveillance Video"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-74"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2022 R1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-75"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2022 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-76"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2022 R3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-77"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2023 R1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-78"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2023 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-79"
}
}
],
"category": "product_name",
"name": "Siveillance Video 2023 R3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-80"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-81"
}
}
],
"category": "product_name",
"name": "Spectrum Power 4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-82"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-83"
}
}
],
"category": "product_name",
"name": "q200_firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-84"
}
}
],
"category": "product_name",
"name": "\u200bPower Meter Sicam Q200 Family"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-30901",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "description",
"text": "A vulnerability in all versions of POWER METER SICAM Q100 prior to V2.60 allows Cross-Site Request Forgery attacks via the web interface, enabling unauthorized actions through deceptive links clicked by authenticated users.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-30901 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-30901.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2023-30901"
},
{
"cve": "CVE-2023-31238",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "All versions of POWER METER SICAM Q100 prior to V2.60 are vulnerable due to the lack of cookie protection flags, allowing attackers to impersonate legitimate users via session token access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-31238 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-31238.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2023-31238"
},
{
"cve": "CVE-2023-45133",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"notes": [
{
"category": "other",
"text": "Incomplete List of Disallowed Inputs",
"title": "CWE-184"
},
{
"category": "other",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "description",
"text": "Babel and Splunk Enterprise have multiple vulnerabilities allowing arbitrary code execution, with Babel\u0027s flaws in specific methods and Splunk\u0027s third-party component errors posing significant risks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-45133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2023-45133"
},
{
"cve": "CVE-2024-0056",
"cwe": {
"id": "CWE-420",
"name": "Unprotected Alternate Channel"
},
"notes": [
{
"category": "other",
"text": "Unprotected Alternate Channel",
"title": "CWE-420"
},
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "description",
"text": "Siemens and Microsoft have addressed multiple vulnerabilities across various products, including COMOS, .NET Framework, and SQL Data Providers, which could enable significant security breaches and data exposure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0056 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-0056.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-0056"
},
{
"cve": "CVE-2024-32008",
"cwe": {
"id": "CWE-648",
"name": "Incorrect Use of Privileged APIs"
},
"notes": [
{
"category": "other",
"text": "Incorrect Use of Privileged APIs",
"title": "CWE-648"
},
{
"category": "description",
"text": "The application contains a local privilege escalation vulnerability due to an exposed debug interface, allowing local users to execute code with administrative privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32008 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32008.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-32008"
},
{
"cve": "CVE-2024-32009",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "other",
"text": "Incorrect Privilege Assignment",
"title": "CWE-266"
},
{
"category": "description",
"text": "The application contains a local privilege escalation vulnerability due to improper permissions on a binary, allowing local attackers to gain administrative privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32009 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32009.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-32009"
},
{
"cve": "CVE-2024-32010",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "The application contains a vulnerability that exposes database credentials through a publicly accessible file, allowing attackers to connect as privileged users and execute system commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32010 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32010.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-32010"
},
{
"cve": "CVE-2024-32011",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"notes": [
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "description",
"text": "The application contains a vulnerability that permits arbitrary command execution via its user interface, which is accessible over the network and operates with administrative privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32011 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32011.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-32011"
},
{
"cve": "CVE-2024-32014",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "The application contains a vulnerability that allows an attacker to alter the local database of application credentials, potentially leading to unauthorized administrative access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32014 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32014.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2024-32014"
},
{
"cve": "CVE-2025-2884",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in various HPE servers and the TCG TPM2.0 Reference implementation, including Out-of-Bounds read issues and local denial of service exploits.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-2884 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-2884"
},
{
"cve": "CVE-2025-40744",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "description",
"text": "Affected applications exhibit inadequate validation of client certificates for the License Service endpoint, which may allow remote attackers to perform man-in-the-middle attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40744 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40744.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40744"
},
{
"cve": "CVE-2025-40760",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "description",
"text": "The affected products inadequately handle error messages, potentially exposing sensitive password hash information during user authentication, which could allow local attackers to extract and brute-force privileged account passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40760 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40760"
},
{
"cve": "CVE-2025-40763",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "description",
"text": "The document outlines a vulnerability in specific products that inadequately validate environment variables during shared library loading, enabling local attackers to execute arbitrary code with superuser privileges via path hijacking.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40763 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40763.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40763"
},
{
"cve": "CVE-2025-40815",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "description",
"text": "Devices with vulnerabilities in TCP packet structure validation may allow attackers to exploit buffer overflows and execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40815 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40815.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40815"
},
{
"cve": "CVE-2025-40816",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "Affected devices lack necessary validations, allowing unauthenticated remote attackers to change the device\u0027s IP address, making it unreachable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40816 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40816"
},
{
"cve": "CVE-2025-40817",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "Affected devices lack necessary validations, allowing unauthenticated remote attackers to alter the device\u0027s time, which may lead to unintended operational behavior.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40817 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40817"
},
{
"cve": "CVE-2025-40827",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "description",
"text": "The application is vulnerable to DLL hijacking, allowing attackers to execute arbitrary code by placing a malicious DLL file on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40827 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40827"
}
]
}
NCSC-2025-0310
Vulnerability from csaf_ncscnl - Published: 2025-10-14 18:03 - Updated: 2025-10-24 11:09Summary
Kwetsbaarheden verholpen in Microsoft Windows
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Microsoft heeft kwetsbaarheden verholpen in Windows.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service
- Omzeilen van een beveiligingsmaatregel
- Manipulatie van gegevens
- Uitvoeren van willekeurige code (gebruikersrechten)
- Uitvoeren van willekeurige code (root/adminrechten)
- Toegang tot gevoelige gegevens
- Verkrijgen van verhoogde rechten
- Spoofing
De ernstigste kwetsbaarheden hebben de kenmerken CVE-2025-49708 en CVE-2025-59287 toegewezen gekregen.
De kwetsbaarheid met kenmerk CVE-2025-49708 bevindt zich in de Graphics Component en stelt een kwaadwillende in staat om uit een Virtual Machine (VM) te breken en acties uit te voeren op de onderliggende Host.
De kwetsbaarheid met kenmerk CVE-2025-59287 bevindt zich in de Windows Server Update Servce (WSUS) en stelt een kwaadwillende in staat om op afstand willekeurige code uit te voeren op het kwetsbare systeem.
Van de kwetsbaarheid met kenmerk CVE-2025-59230 meldt Microsoft informatie te hebben dat deze actief is misbruikt op verouderde systemen. De kwetsbaarheid bevindt zich in de Remote Access Connection Manager stelt een lokale, geauthenticeerde kwaadwillende in staat om zich SYSTEM-rechten toe te kennen en zo mogelijk willekeurige code uit te voeren als SYSTEM
**Update:**
Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van de kwetsbaarheid met kenmerk CVE-2025-59287 is waargenomen. Deze kwetsbaarheid bevindt zich in de WSUS-service en stelt een kwaadwillende in staat om willekeurige code uit te voeren op het kwetsbare systeem. Het is niet gebruikelijk een WSUS service publiek via internet toegankelijk te hebben.
Inmiddels is er publieke proof-of-conceptcode beschikbaar voor de betreffende kwetsbaarheid, wat het risico op misbruik verhoogt.
**De in deze Patch-Tuesday update uitgebrachte oplossing voor deze kwetsbaarheid blijkt niet afdoende te zijn. Microsoft heeft hiervoor een out-of-band patch uitgebracht die zo spoedig mogelijk aanvullend op de Patch-Tuesday update dient te worden ingezet.**
```
Windows Confidential Virtual Machines (CVM):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48813 | 6.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55687 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows DirectX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55678 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55698 | 7.70 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows DWM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55681 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-58722 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Xbox:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53768 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59186 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59207 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-50152 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-55334 | 6.20 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55679 | 5.10 | Toegang tot gevoelige gegevens |
| CVE-2025-55683 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-55693 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-55699 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59187 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59194 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55700 | 6.50 | Toegang tot gevoelige gegevens |
| CVE-2025-58717 | 6.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Inbox COM Objects:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58732 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58735 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-59282 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58730 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58731 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58733 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58734 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58736 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58738 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Agere Windows Modem Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-24990 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24052 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Active Directory Federation Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59258 | 6.20 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Push Notification Core:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59211 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59209 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Authentication Methods:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59277 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59275 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59278 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows File Explorer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58739 | 6.50 | Voordoen als andere gebruiker |
| CVE-2025-59214 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Data Sharing Service Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59200 | 7.70 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55328 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55335 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows ETL Channel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59197 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Failover Cluster Virtual Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59260 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Server Update Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59287 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Windows Speech:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58715 | 8.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-58716 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTLM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59284 | 3.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows COM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58725 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Network Connection Status Indicator (NCSI):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59201 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
TCG TPM2.0:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-2884 | 5.30 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows MapUrlToZone:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59208 | 7.10 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Internet Explorer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59295 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Core Shell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59185 | 6.50 | Voordoen als andere gebruiker |
| CVE-2025-59244 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows SMB Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58726 | 7.50 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Access Connection Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59230 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows PrintWorkflowUserSvc:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55685 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55686 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55689 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55331 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55684 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55688 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55690 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55691 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Taskbar Live:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59294 | 2.10 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows BitLocker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55333 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55338 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55330 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55332 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55337 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55682 | 6.10 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
NtQueryInformation Token function (ntifs.h):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55696 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows USB Video Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55676 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59242 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-58714 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Azure Local:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55697 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Local Session Manager (LSM):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59257 | 6.50 | Denial-of-Service |
| CVE-2025-59259 | 6.50 | Denial-of-Service |
| CVE-2025-58729 | 6.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS) Deduplication Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59206 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-59210 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53717 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cloud Files Mini Filter Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55336 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-55680 | 8.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows WLAN Auto Config Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55695 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Software Protection Platform (SPP):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59199 | 8.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58720 | 7.80 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Remote Desktop Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58718 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows StateRepository API:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59203 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Windows Search Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59190 | 5.50 | Denial-of-Service |
| CVE-2025-59198 | 5.00 | Denial-of-Service |
| CVE-2025-59253 | 5.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Failover Cluster:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47979 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59188 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows SMB Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59280 | 3.10 | Manipulatie van gegevens |
|----------------|------|-------------------------------------|
Windows Secure Boot:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47827 | 4.60 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Microsoft PowerShell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-25004 | 7.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55701 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows Codecs Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-54957 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Error Reporting:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55692 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-55694 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SSDP Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59196 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Storport.sys Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59192 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55340 | 7.00 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Connected Devices Platform Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58727 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NDIS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55339 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Health and Optimized Experiences Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59241 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59202 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows High Availability Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59184 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48004 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-59189 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59254 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59255 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Digital Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53150 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-50175 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Hello:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53139 | 7.70 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Connected Devices Platform Service (Cdpsvc):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58719 | 4.70 | Verkrijgen van verhoogde rechten |
| CVE-2025-55326 | 7.50 | Uitvoeren van willekeurige code |
| CVE-2025-59191 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Device Association Broker service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-50174 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55677 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Bluetooth Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58728 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59290 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59289 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Storage Management Provider:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55325 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Management Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59204 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59193 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58737 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59195 | 7.00 | Denial-of-Service |
| CVE-2025-49708 | 9.90 | Uitvoeren van willekeurige code |
| CVE-2016-9535 | 4.00 | Uitvoeren van willekeurige code |
| CVE-2025-59205 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-59261 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
```
**Update**:
Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van CVE-2025-59287 is waargenomen. Tevens is er publieke proof-of-conceptcode beschikbaar voor de betreffende CVE, wat het risico op misbruik verhoogt. Het is goed gebruik om WSUS niet direct aan het internet te ontsluiten.
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Voor aanvullende informatie en eventuele workarounds met betrekking tot de kwetsbaarheid met kenmerk CVE-2025-59287 heeft microsoft de informatie bij deze kwetsbaarheid geactualiseerd. Zie de detailpagina op:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287
Kans
high
Schade
high
CWE-20
Improper Input Validation
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-73
External Control of File Name or Path
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121
Stack-based Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-125
Out-of-bounds Read
CWE-126
Buffer Over-read
CWE-190
Integer Overflow or Wraparound
CWE-191
Integer Underflow (Wrap or Wraparound)
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-209
Generation of Error Message Containing Sensitive Information
CWE-284
Improper Access Control
CWE-287
Improper Authentication
CWE-312
Cleartext Storage of Sensitive Information
CWE-319
Cleartext Transmission of Sensitive Information
CWE-324
Use of a Key Past its Expiration Date
CWE-347
Improper Verification of Cryptographic Signature
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-415
Double Free
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-502
Deserialization of Untrusted Data
CWE-532
Insertion of Sensitive Information into Log File
CWE-807
Reliance on Untrusted Inputs in a Security Decision
CWE-822
Untrusted Pointer Dereference
CWE-841
Improper Enforcement of Behavioral Workflow
CWE-908
Use of Uninitialized Resource
CWE-1023
Incomplete Comparison with Missing Factors
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-1287
Improper Validation of Specified Type of Input
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Windows.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service\n- Omzeilen van een beveiligingsmaatregel\n- Manipulatie van gegevens\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Uitvoeren van willekeurige code (root/adminrechten)\n- Toegang tot gevoelige gegevens\n- Verkrijgen van verhoogde rechten\n- Spoofing\n\nDe ernstigste kwetsbaarheden hebben de kenmerken CVE-2025-49708 en CVE-2025-59287 toegewezen gekregen.\nDe kwetsbaarheid met kenmerk CVE-2025-49708 bevindt zich in de Graphics Component en stelt een kwaadwillende in staat om uit een Virtual Machine (VM) te breken en acties uit te voeren op de onderliggende Host.\nDe kwetsbaarheid met kenmerk CVE-2025-59287 bevindt zich in de Windows Server Update Servce (WSUS) en stelt een kwaadwillende in staat om op afstand willekeurige code uit te voeren op het kwetsbare systeem.\n\nVan de kwetsbaarheid met kenmerk CVE-2025-59230 meldt Microsoft informatie te hebben dat deze actief is misbruikt op verouderde systemen. De kwetsbaarheid bevindt zich in de Remote Access Connection Manager stelt een lokale, geauthenticeerde kwaadwillende in staat om zich SYSTEM-rechten toe te kennen en zo mogelijk willekeurige code uit te voeren als SYSTEM\n\n**Update:** \n\nHet NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van de kwetsbaarheid met kenmerk CVE-2025-59287 is waargenomen. Deze kwetsbaarheid bevindt zich in de WSUS-service en stelt een kwaadwillende in staat om willekeurige code uit te voeren op het kwetsbare systeem. Het is niet gebruikelijk een WSUS service publiek via internet toegankelijk te hebben.\nInmiddels is er publieke proof-of-conceptcode beschikbaar voor de betreffende kwetsbaarheid, wat het risico op misbruik verhoogt.\n\n**De in deze Patch-Tuesday update uitgebrachte oplossing voor deze kwetsbaarheid blijkt niet afdoende te zijn. Microsoft heeft hiervoor een out-of-band patch uitgebracht die zo spoedig mogelijk aanvullend op de Patch-Tuesday update dient te worden ingezet.**\n\n```\nWindows Confidential Virtual Machines (CVM): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-48813 | 6.30 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Resilient File System (ReFS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55687 | 7.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DirectX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55678 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55698 | 7.70 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\n\nWindows DWM: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55681 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-58722 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nXbox: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-53768 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59186 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-59207 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-50152 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55334 | 6.20 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55679 | 5.10 | Toegang tot gevoelige gegevens | \n| CVE-2025-55683 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-55693 | 7.40 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55699 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-59187 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59194 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Routing and Remote Access Service (RRAS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55700 | 6.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-58717 | 6.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nInbox COM Objects: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58732 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58735 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-59282 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58730 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58731 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58733 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58734 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58736 | 7.00 | Uitvoeren van willekeurige code | \n| CVE-2025-58738 | 7.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nAgere Windows Modem Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-24990 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-24052 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nActive Directory Federation Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59258 | 6.20 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Push Notification Core: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59211 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-59209 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Authentication Methods: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59277 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59275 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59278 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows File Explorer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58739 | 6.50 | Voordoen als andere gebruiker | \n| CVE-2025-59214 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nData Sharing Service Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59200 | 7.70 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55328 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows NTFS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55335 | 7.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows ETL Channel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59197 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nMicrosoft Failover Cluster Virtual Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59260 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Server Update Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59287 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows Speech: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58715 | 8.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-58716 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows NTLM: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59284 | 3.30 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows COM: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58725 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nNetwork Connection Status Indicator (NCSI): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59201 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nTCG TPM2.0: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-2884 | 5.30 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows MapUrlToZone: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59208 | 7.10 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nInternet Explorer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59295 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Core Shell: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59185 | 6.50 | Voordoen als andere gebruiker | \n| CVE-2025-59244 | 6.50 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows SMB Server: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58726 | 7.50 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Access Connection Manager: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59230 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows PrintWorkflowUserSvc: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55685 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55686 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55689 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55684 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55688 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55690 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55691 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Taskbar Live: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59294 | 2.10 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows BitLocker: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55333 | 6.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55338 | 6.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55330 | 6.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55332 | 6.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55337 | 6.10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-55682 | 6.10 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nNtQueryInformation Token function (ntifs.h): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55696 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows USB Video Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55676 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59242 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-58714 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nAzure Local: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55697 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Local Session Manager (LSM): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59257 | 6.50 | Denial-of-Service | \n| CVE-2025-59259 | 6.50 | Denial-of-Service | \n| CVE-2025-58729 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Resilient File System (ReFS) Deduplication Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59206 | 7.40 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59210 | 7.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Virtualization-Based Security (VBS) Enclave: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-53717 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55336 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-55680 | 8.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows WLAN Auto Config Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55695 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nSoftware Protection Platform (SPP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59199 | 8.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58720 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nRemote Desktop Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58718 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows StateRepository API: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59203 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows Search Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59190 | 5.50 | Denial-of-Service | \n| CVE-2025-59198 | 5.00 | Denial-of-Service | \n| CVE-2025-59253 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Failover Cluster: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-47979 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-59188 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59280 | 3.10 | Manipulatie van gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-47827 | 4.60 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nMicrosoft PowerShell: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-25004 | 7.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55701 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows Codecs Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-54957 | 7.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Error Reporting: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55692 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55694 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SSDP Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59196 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nStorport.sys Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59192 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55340 | 7.00 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Connected Devices Platform Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58727 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows NDIS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55339 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Health and Optimized Experiences Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59241 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59202 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows High Availability Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59184 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nMicrosoft Brokering File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-48004 | 7.40 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59189 | 7.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59254 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59255 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Digital Media: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-53150 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-50175 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hello: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-53139 | 7.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nConnected Devices Platform Service (Cdpsvc): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58719 | 4.70 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55326 | 7.50 | Uitvoeren van willekeurige code | \n| CVE-2025-59191 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Device Association Broker service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-50174 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-55677 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Bluetooth Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58728 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59290 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59289 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Management Provider: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-55325 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Management Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59204 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2025-59193 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-58737 | 7.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nMicrosoft Graphics Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-59195 | 7.00 | Denial-of-Service | \n| CVE-2025-49708 | 9.90 | Uitvoeren van willekeurige code | \n| CVE-2016-9535 | 4.00 | Uitvoeren van willekeurige code | \n| CVE-2025-59205 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-59261 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n```\n\n\n**Update**: \nHet NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van CVE-2025-59287 is waargenomen. Tevens is er publieke proof-of-conceptcode beschikbaar voor de betreffende CVE, wat het risico op misbruik verhoogt. Het is goed gebruik om WSUS niet direct aan het internet te ontsluiten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance\n\nVoor aanvullende informatie en eventuele workarounds met betrekking tot de kwetsbaarheid met kenmerk CVE-2025-59287 heeft microsoft de informatie bij deze kwetsbaarheid geactualiseerd. Zie de detailpagina op:\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287",
"title": "Oplossingen"
},
{
"category": "general",
"text": "high",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Cleartext Storage of Sensitive Information",
"title": "CWE-312"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Use of a Key Past its Expiration Date",
"title": "CWE-324"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "general",
"text": "Reliance on Untrusted Inputs in a Security Decision",
"title": "CWE-807"
},
{
"category": "general",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "general",
"text": "Improper Enforcement of Behavioral Workflow",
"title": "CWE-841"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Incomplete Comparison with Missing Factors",
"title": "CWE-1023"
},
{
"category": "general",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
},
{
"category": "general",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287"
}
],
"title": "Kwetsbaarheden verholpen in Microsoft Windows",
"tracking": {
"current_release_date": "2025-10-24T11:09:29.790442Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0310",
"initial_release_date": "2025-10-14T18:03:45.875739Z",
"revision_history": [
{
"date": "2025-10-14T18:03:45.875739Z",
"number": "1.0.0",
"summary": "Initiele versie"
},
{
"date": "2025-10-24T08:24:42.569331Z",
"number": "1.0.1",
"summary": "Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van CVE-2025-59287 is waargenomen. Tevens is er publieke proof-of-conceptcode beschikbaar voor de betreffende CVE, wat het risico op misbruik verhoogt. Het is goed gebruik om WSUS niet direct aan het internet te ontsluiten."
},
{
"date": "2025-10-24T11:09:29.790442Z",
"number": "1.0.2",
"summary": "De originele update om de kwetsbaarheid met kenmerk CVE-2025-59287 te verhelpen blijkt niet afdoende. Microsoft heeft een Out-of-Band patch uitgebracht om additionele oplossingen te bieden. "
}
],
"status": "final",
"version": "1.0.2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Windows 10 1809"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Windows 10 21h2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Windows 10 22h2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1507"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Windows 11 22H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Windows 11 23H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Windows 11 version 22H2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Windows 11 version 22H3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 Service Pack 1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59258",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "description",
"text": "In Active Directory Federation Services, sensitive information logged can be exploited by unauthorized attackers, leading to potential local disclosure of confidential data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59258 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59258.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59258"
},
{
"cve": "CVE-2025-47979",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "description",
"text": "In a Windows Failover Cluster, sensitive information logged can be exploited by authorized attackers to disclose confidential data locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47979 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47979.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-47979"
},
{
"cve": "CVE-2025-55683",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "The exposure of sensitive information in the Windows Kernel allows authorized attackers to locally disclose confidential data, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55683 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55683.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55683"
},
{
"cve": "CVE-2025-55697",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Azure Local allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55697 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55697"
},
{
"cve": "CVE-2025-58737",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows Remote Desktop, termed \u0027use after free,\u0027 allows unauthorized attackers to execute arbitrary code on the local system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58737 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58737.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58737"
},
{
"cve": "CVE-2025-59184",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Windows High Availability Services allows an authorized attacker to locally disclose sensitive information to unauthorized individuals.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59184 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59184"
},
{
"cve": "CVE-2025-59188",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Windows Failover Cluster allows an authorized attacker to expose sensitive information to unauthorized individuals locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59188 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59188.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59188"
},
{
"cve": "CVE-2025-59260",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in the Microsoft Failover Cluster Virtual Driver allows an authorized attacker to locally disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59260 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59260.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59260"
},
{
"cve": "CVE-2025-59287",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "description",
"text": "A vulnerability in Windows Server Update Service allows unauthorized attackers to remotely execute code through the deserialization of untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59287 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59287.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59287"
},
{
"cve": "CVE-2025-48004",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Microsoft Brokering File System enables unauthorized attackers to locally elevate their privileges due to a use-after-free error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48004 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48004.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-48004"
},
{
"cve": "CVE-2025-50174",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Windows Device Association Broker service enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50174 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50174.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-50174"
},
{
"cve": "CVE-2025-24990",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "Microsoft\u0027s October cumulative update removes the ltmdm64.sys driver for the Agere Modem, disabling dependent fax modem hardware and addressing a vulnerability that allows privilege escalation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24990 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-24990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-24990"
},
{
"cve": "CVE-2025-24052",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "Microsoft has removed the ltmdm64.sys driver due to vulnerabilities in the Agere Modem driver, rendering fax modem hardware dependent on this driver non-functional on Windows.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24052 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-24052.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-24052"
},
{
"cve": "CVE-2025-55325",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "description",
"text": "A buffer over-read vulnerability in the Windows Storage Management Provider allows an authorized attacker to locally disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55325 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55325.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55325"
},
{
"cve": "CVE-2025-55333",
"cwe": {
"id": "CWE-1023",
"name": "Incomplete Comparison with Missing Factors"
},
"notes": [
{
"category": "other",
"text": "Incomplete Comparison with Missing Factors",
"title": "CWE-1023"
},
{
"category": "description",
"text": "An incomplete comparison in Windows BitLocker may allow unauthorized attackers to exploit security features through physical attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55333 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55333.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55333"
},
{
"cve": "CVE-2025-55335",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows NTFS enables unauthorized attackers to locally elevate their privileges through a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55335 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55335.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55335"
},
{
"cve": "CVE-2025-55336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized attacker to expose sensitive information to unauthorized local actors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55336 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55336.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55336"
},
{
"cve": "CVE-2025-55338",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Windows BitLocker that allows unauthorized attackers to bypass security features through physical attacks due to unpatchable ROM code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55338 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55338.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55338"
},
{
"cve": "CVE-2025-55339",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows NDIS allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55339 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55339.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55339"
},
{
"cve": "CVE-2025-55340",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "description",
"text": "Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55340 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55340.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55340"
},
{
"cve": "CVE-2025-55676",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "description",
"text": "The Windows USB Video Driver may produce an error message that discloses sensitive information, potentially enabling local access by an authorized attacker.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55676 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55676.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55676"
},
{
"cve": "CVE-2025-55677",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "A vulnerability in the Windows Device Association Broker service allows an authorized attacker to locally elevate their privileges through an untrusted pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55677 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55677.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55677"
},
{
"cve": "CVE-2025-55681",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows DWM allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55681 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55681.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55681"
},
{
"cve": "CVE-2025-55685",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55685 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55685.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55685"
},
{
"cve": "CVE-2025-55686",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55686 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55686.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55686"
},
{
"cve": "CVE-2025-55687",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Windows Resilient File System (ReFS) due to improper synchronization can allow unauthorized attackers to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55687 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55687.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55687"
},
{
"cve": "CVE-2025-55689",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55689 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55689.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55689"
},
{
"cve": "CVE-2025-55700",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) could allow unauthorized attackers to disclose sensitive information over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55700 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55700.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55700"
},
{
"cve": "CVE-2025-55701",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "An authorized attacker can exploit improper input validation in Microsoft Windows to locally elevate privileges, potentially compromising system integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55701 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55701.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55701"
},
{
"cve": "CVE-2025-58715",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in Microsoft Windows Speech allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58715 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58715.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58715"
},
{
"cve": "CVE-2025-58716",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Improper input validation in Microsoft Windows Speech allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58716 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58716.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58716"
},
{
"cve": "CVE-2025-58717",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) could allow unauthorized attackers to disclose sensitive information over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58717 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58717.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58717"
},
{
"cve": "CVE-2025-58719",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to locally elevate their privileges through a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58719 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58719.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58719"
},
{
"cve": "CVE-2025-58722",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows DWM allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58722 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58722.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58722"
},
{
"cve": "CVE-2025-58728",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Windows Bluetooth Service enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58728 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58728"
},
{
"cve": "CVE-2025-58732",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58732 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58732.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58732"
},
{
"cve": "CVE-2025-58735",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58735 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58735.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58735"
},
{
"cve": "CVE-2025-59185",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "description",
"text": "Unauthorized attackers can exploit external control of file names or paths in Windows Core Shell to execute spoofing attacks over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59185 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59185.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59185"
},
{
"cve": "CVE-2025-59195",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Microsoft Graphics Component allows an authorized attacker to locally deny service by mismanaging shared resources during concurrent execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59195 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59195"
},
{
"cve": "CVE-2025-59196",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Windows SSDP Service allows an authorized attacker to locally elevate their privileges due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59196 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59196.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59196"
},
{
"cve": "CVE-2025-59199",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An improper access control vulnerability in the Software Protection Platform (SPP) allows an authorized attacker to locally escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59199 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59199.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59199"
},
{
"cve": "CVE-2025-59200",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "description",
"text": "A race condition in the Data Sharing Service Client due to improper synchronization enables unauthorized attackers to spoof locally, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59200 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59200.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59200"
},
{
"cve": "CVE-2025-59201",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "Improper access control in the Network Connection Status Indicator (NCSI) allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59201 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59201"
},
{
"cve": "CVE-2025-59202",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows Remote Desktop Services enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59202 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59202"
},
{
"cve": "CVE-2025-59204",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Windows Management Services that allows an authorized attacker to disclose information locally due to uninitialized resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59204 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59204.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59204"
},
{
"cve": "CVE-2025-59206",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Windows Resilient File System (ReFS) contains a vulnerability in its Deduplication Service that may enable an attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59206 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59206.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59206"
},
{
"cve": "CVE-2025-59207",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "A vulnerability in the Windows Kernel allows an authorized attacker to exploit an untrusted pointer dereference, enabling local privilege escalation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59207 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59207.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59207"
},
{
"cve": "CVE-2025-59211",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Windows Push Notification Core allows an authorized attacker to expose sensitive information to an unauthorized actor locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59211 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59211.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59211"
},
{
"cve": "CVE-2025-59242",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59242 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59242.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59242"
},
{
"cve": "CVE-2025-49708",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Microsoft Graphics Component allows an authorized attacker to exploit a use-after-free condition to gain elevated privileges over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-49708 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49708.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-49708"
},
{
"cve": "CVE-2025-59254",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows DWM Core Library allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59254 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59254"
},
{
"cve": "CVE-2025-59255",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows DWM Core Library allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59255 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59255.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59255"
},
{
"cve": "CVE-2025-54957",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "Recent vulnerabilities in Dolby UDC, Microsoft Windows Codecs Library, and Chrome involve integer overflows and deserialization flaws, potentially leading to crashes and unauthorized code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-54957 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54957.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-54957"
},
{
"cve": "CVE-2025-59257",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "An attacker can exploit improper input validation in Windows Local Session Manager (LSM) to trigger a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59257 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59257"
},
{
"cve": "CVE-2025-59259",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "An attacker can exploit improper input validation in Windows Local Session Manager (LSM) to trigger a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59259 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59259.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59259"
},
{
"cve": "CVE-2025-59282",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in Inbox COM Objects due to improper synchronization enables unauthorized attackers to execute code locally, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59282 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59282.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59282"
},
{
"cve": "CVE-2025-59284",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Windows NTLM that allows unauthorized attackers to locally spoof by exposing sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59284 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59284.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59284"
},
{
"cve": "CVE-2025-59294",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Windows Taskbar Live that allows unauthorized attackers to access sensitive information through physical attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59294 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59294.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59294"
},
{
"cve": "CVE-2025-59295",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Internet Explorer allows unauthorized attackers to execute code remotely, posing significant security risks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59295 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59295.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59295"
},
{
"cve": "CVE-2016-9535",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "description",
"text": "The TIFF update addresses critical security vulnerabilities, including heap buffer overflows and remote code execution risks, particularly in libtiff 4.0.6 due to assertion errors in tif_predict.h and tif_predict.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2016-9535 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2016/cve-2016-9535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2016-9535"
},
{
"cve": "CVE-2025-48813",
"cwe": {
"id": "CWE-324",
"name": "Use of a Key Past its Expiration Date"
},
"notes": [
{
"category": "other",
"text": "Use of a Key Past its Expiration Date",
"title": "CWE-324"
},
{
"category": "description",
"text": "The use of an expired key in Virtual Secure Mode allows an authorized attacker to execute local spoofing attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48813 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-48813"
},
{
"cve": "CVE-2025-25004",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An improper access control vulnerability in Microsoft PowerShell allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25004 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-25004.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-25004"
},
{
"cve": "CVE-2025-53717",
"cwe": {
"id": "CWE-807",
"name": "Reliance on Untrusted Inputs in a Security Decision"
},
"notes": [
{
"category": "other",
"text": "Reliance on Untrusted Inputs in a Security Decision",
"title": "CWE-807"
},
{
"category": "description",
"text": "The document highlights a security vulnerability in Windows Virtualization-Based Security (VBS) Enclave, where untrusted inputs can allow an authorized attacker to elevate privileges locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53717 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53717.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-53717"
},
{
"cve": "CVE-2025-50152",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "A vulnerability in the Windows Kernel allows an authorized attacker to locally elevate their privileges through an out-of-bounds read.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50152 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50152.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-50152"
},
{
"cve": "CVE-2025-53150",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows Digital Media allows an authorized attacker to locally elevate their privileges through a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53150 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53150.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-53150"
},
{
"cve": "CVE-2025-50175",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows Digital Media allows an authorized attacker to locally elevate their privileges through a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50175 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50175.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-50175"
},
{
"cve": "CVE-2025-53139",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "description",
"text": "The cleartext transmission of sensitive information in Windows Hello allows unauthorized local access, undermining its intended security features.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53139 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53139.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-53139"
},
{
"cve": "CVE-2025-53768",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Xbox enables an authorized attacker to locally elevate their privileges due to a use-after-free issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53768 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53768.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-53768"
},
{
"cve": "CVE-2025-55328",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows Hyper-V allows an authorized attacker to locally elevate their privileges due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55328 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55328.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55328"
},
{
"cve": "CVE-2025-55330",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "other",
"text": "Improper Enforcement of Behavioral Workflow",
"title": "CWE-841"
},
{
"category": "description",
"text": "Improper enforcement of behavioral workflow in Windows BitLocker allows unauthorized attackers to exploit physical access and bypass security features.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55330 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55330.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55330"
},
{
"cve": "CVE-2025-55331",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55331 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55331.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55331"
},
{
"cve": "CVE-2025-55332",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "other",
"text": "Improper Enforcement of Behavioral Workflow",
"title": "CWE-841"
},
{
"category": "description",
"text": "Improper enforcement of behavioral workflow in Windows BitLocker allows unauthorized attackers to exploit physical access and bypass security features.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55332 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55332.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55332"
},
{
"cve": "CVE-2025-55334",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Storage of Sensitive Information",
"title": "CWE-312"
},
{
"category": "description",
"text": "The Windows Kernel\u0027s storage of sensitive information in cleartext allows local attackers to bypass security measures, posing a significant risk to system integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55334 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55334.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55334"
},
{
"cve": "CVE-2025-55337",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "other",
"text": "Improper Enforcement of Behavioral Workflow",
"title": "CWE-841"
},
{
"category": "description",
"text": "Improper enforcement of behavioral workflow in Windows BitLocker allows unauthorized attackers to exploit physical access and bypass security features.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55337 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55337"
},
{
"cve": "CVE-2025-55678",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows DirectX allows an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55678 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55678.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55678"
},
{
"cve": "CVE-2025-55679",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "Improper input validation in the Windows Kernel can allow unauthorized attackers to locally disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55679 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55679.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55679"
},
{
"cve": "CVE-2025-55680",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "description",
"text": "A TOCTOU race condition in the Windows Cloud Files Mini Filter Driver allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55680 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55680.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55680"
},
{
"cve": "CVE-2025-55682",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "other",
"text": "Improper Enforcement of Behavioral Workflow",
"title": "CWE-841"
},
{
"category": "description",
"text": "Improper enforcement of behavioral workflow in Windows BitLocker allows unauthorized attackers to exploit physical access and bypass security features.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55682 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55682.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55682"
},
{
"cve": "CVE-2025-55684",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55684 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55684.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55684"
},
{
"cve": "CVE-2025-55688",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55688 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55688.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55688"
},
{
"cve": "CVE-2025-55690",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55690 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55690.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55690"
},
{
"cve": "CVE-2025-55691",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in Windows PrintWorkflowUserSvc enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55691 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55691.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55691"
},
{
"cve": "CVE-2025-55692",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Improper input validation in Windows Error Reporting allows an authorized attacker to gain elevated local privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55692 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55692.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55692"
},
{
"cve": "CVE-2025-55693",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Windows Kernel, termed \u0027use after free,\u0027 allows unauthorized attackers to locally escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55693 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55693.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55693"
},
{
"cve": "CVE-2025-55694",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "Improper access control in Windows Error Reporting allows an authorized attacker to gain elevated privileges locally, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55694 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55694.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55694"
},
{
"cve": "CVE-2025-55695",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Windows WLAN Auto Config Service can be exploited by an authorized attacker to disclose local information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55695 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55695.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55695"
},
{
"cve": "CVE-2025-55696",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "A TOCTOU race condition in the NtQueryInformation Token function enables an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55696 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55696.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55696"
},
{
"cve": "CVE-2025-55698",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows DirectX allows an authorized attacker to induce a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55698 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55698.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55698"
},
{
"cve": "CVE-2025-55699",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "The exposure of sensitive information in the Windows Kernel allows authorized attackers to locally disclose confidential data, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55699 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55699"
},
{
"cve": "CVE-2025-58714",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "The Windows Ancillary Function Driver for WinSock has an improper access control vulnerability that allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58714 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58714.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58714"
},
{
"cve": "CVE-2025-58718",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Remote Desktop Client enables unauthorized code execution due to a use-after-free error, posing significant security risks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58718 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58718.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58718"
},
{
"cve": "CVE-2025-58720",
"cwe": {
"id": "CWE-1240",
"name": "Use of a Cryptographic Primitive with a Risky Implementation"
},
"notes": [
{
"category": "other",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
},
{
"category": "description",
"text": "A vulnerability in Windows Cryptographic Services allows an authorized attacker to locally disclose information due to a flawed implementation of a cryptographic primitive.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58720 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58720.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58720"
},
{
"cve": "CVE-2025-58725",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows COM allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58725 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58725.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58725"
},
{
"cve": "CVE-2025-58726",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An improper access control vulnerability in Windows SMB Server allows authorized attackers to elevate their privileges within a network environment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58726 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58726.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58726"
},
{
"cve": "CVE-2025-58727",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in the Windows Connected Devices Platform Service allows an authorized attacker to locally elevate their privileges due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58727 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58727"
},
{
"cve": "CVE-2025-58729",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "An attacker can exploit improper input validation in Windows Local Session Manager (LSM) to trigger a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58729 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58729.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58729"
},
{
"cve": "CVE-2025-58730",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58730 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58730.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58730"
},
{
"cve": "CVE-2025-58731",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58731 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58731.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58731"
},
{
"cve": "CVE-2025-58733",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58733 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58733.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58733"
},
{
"cve": "CVE-2025-58734",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58734 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58734.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58734"
},
{
"cve": "CVE-2025-58736",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58736 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58736"
},
{
"cve": "CVE-2025-58738",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "The document highlights a vulnerability in Inbox COM Objects that allows unauthorized code execution locally due to a use-after-free flaw.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58738 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58738.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58738"
},
{
"cve": "CVE-2025-58739",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "Sensitive information exposure in Windows File Explorer can allow unauthorized attackers to spoof identities across a network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58739 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58739.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-58739"
},
{
"cve": "CVE-2025-59187",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "Improper input validation in the Windows Kernel can allow an authorized attacker to gain elevated local privileges, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59187 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59187.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59187"
},
{
"cve": "CVE-2025-59189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Microsoft Brokering File System enables unauthorized attackers to locally elevate their privileges due to a use-after-free error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59189 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59189.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59189"
},
{
"cve": "CVE-2025-59190",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Improper input validation in the Microsoft Windows Search Component can allow an unauthorized attacker to locally deny service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59190 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59190.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59190"
},
{
"cve": "CVE-2025-59191",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59191 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59191.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59191"
},
{
"cve": "CVE-2025-59192",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "description",
"text": "A buffer over-read vulnerability in the Storport.sys driver allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59192 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59192.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59192"
},
{
"cve": "CVE-2025-59193",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows Management Services allows authorized attackers to locally elevate their privileges due to improper synchronization.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59193 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59193.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59193"
},
{
"cve": "CVE-2025-59194",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "description",
"text": "The document outlines a vulnerability in the Windows Kernel that allows an authorized attacker to locally escalate privileges by exploiting uninitialized resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59194 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59194.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59194"
},
{
"cve": "CVE-2025-59197",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "description",
"text": "Inserting sensitive information into a Windows ETL Channel log file allows an authorized attacker to locally disclose confidential data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59197 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59197.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59197"
},
{
"cve": "CVE-2025-59198",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Improper input validation in the Microsoft Windows Search Component can allow an authorized attacker to locally trigger a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59198 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59198.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59198"
},
{
"cve": "CVE-2025-59203",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "description",
"text": "The Windows StateRepository API contains a vulnerability that enables authorized attackers to insert sensitive information into log files, risking local information disclosure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59203 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59203.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59203"
},
{
"cve": "CVE-2025-59205",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in the Microsoft Graphics Component allows an authorized attacker to elevate privileges locally due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59205 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59205.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59205"
},
{
"cve": "CVE-2025-59208",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows MapUrlToZone can allow unauthorized attackers to disclose sensitive information over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59208 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59208.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59208"
},
{
"cve": "CVE-2025-59209",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Windows Push Notification Core allows an authorized attacker to expose sensitive information to an unauthorized actor locally.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59209 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59209.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59209"
},
{
"cve": "CVE-2025-59210",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Windows Resilient File System (ReFS) contains a vulnerability in its Deduplication Service that may enable an attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59210 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59210.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59210"
},
{
"cve": "CVE-2025-59214",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "Sensitive information exposure in Windows File Explorer can allow unauthorized attackers to spoof identities across a network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59214 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59214.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59214"
},
{
"cve": "CVE-2025-59241",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "description",
"text": "A vulnerability in the Windows Health and Optimized Experiences Service enables authorized attackers to locally elevate privileges through improper link resolution prior to file access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59241 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59241.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59241"
},
{
"cve": "CVE-2025-2884",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in various HPE servers and the TCG TPM2.0 Reference implementation, including Out-of-Bounds read issues and local denial of service exploits.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-2884 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-2884"
},
{
"cve": "CVE-2025-59244",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "description",
"text": "Unauthorized attackers can exploit external control of file names or paths in Windows Core Shell to execute spoofing attacks over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59244 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59244.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59244"
},
{
"cve": "CVE-2025-59230",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "Microsoft Windows Remote Access Connection Manager has a vulnerability that allows an authorized attacker to locally elevate privileges due to improper access control.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59230 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59230.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59230"
},
{
"cve": "CVE-2025-59253",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An attacker can exploit improper access control in the Microsoft Windows Search Component, leading to a local denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59253 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59253.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59253"
},
{
"cve": "CVE-2025-59261",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "description",
"text": "A TOCTOU race condition in the Microsoft Graphics Component allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59261 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59261.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59261"
},
{
"cve": "CVE-2025-47827",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "other",
"text": "Use of a Key Past its Expiration Date",
"title": "CWE-324"
},
{
"category": "description",
"text": "IGEL OS versions prior to 11 have a vulnerability in the igel-flash-driver module that allows Secure Boot to be bypassed due to improper verification of cryptographic signatures, enabling the use of unverified SquashFS images.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47827 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-47827"
},
{
"cve": "CVE-2025-59277",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "The document identifies a vulnerability in Windows Authentication Methods that allows an authorized attacker to achieve elevated privileges due to inadequate input validation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59277 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59277.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59277"
},
{
"cve": "CVE-2025-59280",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "description",
"text": "Improper authentication in the Windows SMB Client allows unauthorized attackers to manipulate data over a network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59280 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59280"
},
{
"cve": "CVE-2025-59290",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Windows Bluetooth Service enables an authorized attacker to locally elevate privileges via a use-after-free exploit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59290 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59290.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59290"
},
{
"cve": "CVE-2025-55326",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A vulnerability in the Connected Devices Platform Service (Cdpsvc) allows unauthorized attackers to execute code remotely due to a use-after-free issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55326 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55326.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-55326"
},
{
"cve": "CVE-2025-59275",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "The document identifies a vulnerability in Windows Authentication Methods that allows an authorized attacker to achieve elevated privileges due to inadequate input validation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59275 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59275.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59275"
},
{
"cve": "CVE-2025-59278",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "The document identifies a vulnerability in Windows Authentication Methods that allows an authorized attacker to achieve elevated privileges due to inadequate input validation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59278 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59278.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59278"
},
{
"cve": "CVE-2025-59289",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A vulnerability in the Windows Bluetooth Service allows an authorized attacker to locally elevate privileges due to a double free error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59289 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59289.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59289"
},
{
"cve": "CVE-2025-59186",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "The exposure of sensitive information in the Windows Kernel allows authorized attackers to locally disclose confidential data, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59186 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59186.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2025-59186"
}
]
}
WID-SEC-W-2025-2307
Vulnerability from csaf_certbund - Published: 2025-10-14 22:00 - Updated: 2025-11-05 23:00Summary
Microsoft Windows: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Windows ist ein Betriebssystem von Microsoft.
Windows Server 2016 ist ein Betriebssystem von Microsoft.
Windows Server 2019 ist ein Betriebssystem von Microsoft.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022, Microsoft Windows 11 und Microsoft Windows Server 2025 ausnutzen, um Remote Code Execution, Privilegieneskalation, Datenexfiltration oder Systemabstürze zu verursachen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows ist ein Betriebssystem von Microsoft.\r\nWindows Server 2016 ist ein Betriebssystem von Microsoft.\r\nWindows Server 2019 ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022, Microsoft Windows 11 und Microsoft Windows Server 2025 ausnutzen, um Remote Code Execution, Privilegieneskalation, Datenexfiltration oder Systemabst\u00fcrze zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2307 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2307.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2307 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2307"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "PoC auf Hawktrace Blog vom 2025-10-23",
"url": "https://hawktrace.com/blog/CVE-2025-59287-UNAUTH"
},
{
"category": "external",
"summary": "Artikel auf Securityaffairs vom 2025-10-26",
"url": "https://securityaffairs.com/183830/security/cve-2025-59287-microsoft-fixes-critical-wsus-flaw-under-active-attack.html"
},
{
"category": "external",
"summary": "Exploit auf SSD Secure Disclosure vom 2025-11-05",
"url": "https://ssd-disclosure.com/cloud-filter-arbitrary-file-creation-eop-patch-bypass-lpe/"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-05T23:00:00.000+00:00",
"generator": {
"date": "2025-11-06T08:22:01.536+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2307",
"initial_release_date": "2025-10-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "2",
"summary": "PoC aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "3",
"summary": "PoC aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "4",
"summary": "Aktive ausnutzung gemeldet, Bewertung angepasst"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "5",
"summary": "weiteren Exploit aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Remote Desktop client for Desktop",
"product": {
"name": "Microsoft Windows Remote Desktop client for Desktop",
"product_id": "T042605",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:remote_desktop_client_for_desktop"
}
}
},
{
"category": "product_version",
"name": "App Client for Desktop",
"product": {
"name": "Microsoft Windows App Client for Desktop",
"product_id": "T042613",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:app_client_for_desktop"
}
}
}
],
"category": "product_name",
"name": "Windows"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 1607",
"product": {
"name": "Microsoft Windows 10 Version 1607",
"product_id": "T042601",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1607"
}
}
},
{
"category": "product_version",
"name": "Version 1809",
"product": {
"name": "Microsoft Windows 10 Version 1809",
"product_id": "T042602",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1809"
}
}
},
{
"category": "product_version",
"name": "Version 21H2",
"product": {
"name": "Microsoft Windows 10 Version 21H2",
"product_id": "T042606",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_21h2"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 10 Version 22H2",
"product_id": "T042608",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_22h2"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows 10",
"product": {
"name": "Microsoft Windows 10",
"product_id": "T047095",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:-"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 25H2",
"product": {
"name": "Microsoft Windows 11 Version 25H2",
"product_id": "T025567",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:windows_terminal"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 11 Version 22H2",
"product_id": "T042607",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_22h2"
}
}
},
{
"category": "product_version",
"name": "Version 23H2",
"product": {
"name": "Microsoft Windows 11 Version 23H2",
"product_id": "T042609",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_23h2"
}
}
},
{
"category": "product_version",
"name": "Version 24H2",
"product": {
"name": "Microsoft Windows 11 Version 24H2",
"product_id": "T042611",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_24h2"
}
}
}
],
"category": "product_name",
"name": "Windows 11"
},
{
"branches": [
{
"category": "product_version",
"name": "2008 SP2",
"product": {
"name": "Microsoft Windows Server 2008 SP2",
"product_id": "T042596",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_sp2"
}
}
},
{
"category": "product_version",
"name": "2008 R2 SP1",
"product": {
"name": "Microsoft Windows Server 2008 R2 SP1",
"product_id": "T045208",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1"
}
}
}
],
"category": "product_name",
"name": "Windows Server"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "T043730",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T043731",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T042600",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2019",
"product": {
"name": "Microsoft Windows Server 2019",
"product_id": "T042603",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2019:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "23H2 Edition",
"product": {
"name": "Microsoft Windows Server 2022 23H2 Edition",
"product_id": "T042610",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2022",
"product": {
"name": "Microsoft Windows Server 2022",
"product_id": "T047093",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:-"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2025",
"product": {
"name": "Microsoft Windows Server 2025",
"product_id": "T047092",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2025:-"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9535",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2016-9535"
},
{
"cve": "CVE-2025-24052",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-24052"
},
{
"cve": "CVE-2025-24990",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-24990"
},
{
"cve": "CVE-2025-25004",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-25004"
},
{
"cve": "CVE-2025-2884",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-2884"
},
{
"cve": "CVE-2025-47827",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-47827"
},
{
"cve": "CVE-2025-47979",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-47979"
},
{
"cve": "CVE-2025-48004",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-48004"
},
{
"cve": "CVE-2025-48813",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-48813"
},
{
"cve": "CVE-2025-49708",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-49708"
},
{
"cve": "CVE-2025-50152",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-50152"
},
{
"cve": "CVE-2025-50174",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-50174"
},
{
"cve": "CVE-2025-50175",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-50175"
},
{
"cve": "CVE-2025-53139",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-53139"
},
{
"cve": "CVE-2025-53150",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-53150"
},
{
"cve": "CVE-2025-53717",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-53717"
},
{
"cve": "CVE-2025-53768",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-53768"
},
{
"cve": "CVE-2025-54957",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-54957"
},
{
"cve": "CVE-2025-55325",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55325"
},
{
"cve": "CVE-2025-55326",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55326"
},
{
"cve": "CVE-2025-55328",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55328"
},
{
"cve": "CVE-2025-55330",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55330"
},
{
"cve": "CVE-2025-55331",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55331"
},
{
"cve": "CVE-2025-55332",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55332"
},
{
"cve": "CVE-2025-55333",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55333"
},
{
"cve": "CVE-2025-55334",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55334"
},
{
"cve": "CVE-2025-55335",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55335"
},
{
"cve": "CVE-2025-55336",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55336"
},
{
"cve": "CVE-2025-55337",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55337"
},
{
"cve": "CVE-2025-55338",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55338"
},
{
"cve": "CVE-2025-55339",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55339"
},
{
"cve": "CVE-2025-55340",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55340"
},
{
"cve": "CVE-2025-55676",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55676"
},
{
"cve": "CVE-2025-55677",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55677"
},
{
"cve": "CVE-2025-55678",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55678"
},
{
"cve": "CVE-2025-55679",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55679"
},
{
"cve": "CVE-2025-55680",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55680"
},
{
"cve": "CVE-2025-55681",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55681"
},
{
"cve": "CVE-2025-55682",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55682"
},
{
"cve": "CVE-2025-55683",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55683"
},
{
"cve": "CVE-2025-55684",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55684"
},
{
"cve": "CVE-2025-55685",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55685"
},
{
"cve": "CVE-2025-55686",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55686"
},
{
"cve": "CVE-2025-55687",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55687"
},
{
"cve": "CVE-2025-55688",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55688"
},
{
"cve": "CVE-2025-55689",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55689"
},
{
"cve": "CVE-2025-55690",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55690"
},
{
"cve": "CVE-2025-55691",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55691"
},
{
"cve": "CVE-2025-55692",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55692"
},
{
"cve": "CVE-2025-55693",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55693"
},
{
"cve": "CVE-2025-55694",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55694"
},
{
"cve": "CVE-2025-55695",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55695"
},
{
"cve": "CVE-2025-55696",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55696"
},
{
"cve": "CVE-2025-55697",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55697"
},
{
"cve": "CVE-2025-55698",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55698"
},
{
"cve": "CVE-2025-55699",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55699"
},
{
"cve": "CVE-2025-55700",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55700"
},
{
"cve": "CVE-2025-55701",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-55701"
},
{
"cve": "CVE-2025-58714",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58714"
},
{
"cve": "CVE-2025-58715",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58715"
},
{
"cve": "CVE-2025-58716",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58716"
},
{
"cve": "CVE-2025-58717",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58717"
},
{
"cve": "CVE-2025-58718",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58718"
},
{
"cve": "CVE-2025-58719",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58719"
},
{
"cve": "CVE-2025-58720",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58720"
},
{
"cve": "CVE-2025-58722",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58722"
},
{
"cve": "CVE-2025-58725",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58725"
},
{
"cve": "CVE-2025-58726",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58726"
},
{
"cve": "CVE-2025-58727",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58727"
},
{
"cve": "CVE-2025-58728",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58728"
},
{
"cve": "CVE-2025-58729",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58729"
},
{
"cve": "CVE-2025-58730",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58730"
},
{
"cve": "CVE-2025-58731",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58731"
},
{
"cve": "CVE-2025-58732",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58732"
},
{
"cve": "CVE-2025-58733",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58733"
},
{
"cve": "CVE-2025-58734",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58734"
},
{
"cve": "CVE-2025-58735",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58735"
},
{
"cve": "CVE-2025-58736",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58736"
},
{
"cve": "CVE-2025-58737",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58737"
},
{
"cve": "CVE-2025-58738",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58738"
},
{
"cve": "CVE-2025-58739",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-58739"
},
{
"cve": "CVE-2025-59184",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59184"
},
{
"cve": "CVE-2025-59185",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59185"
},
{
"cve": "CVE-2025-59186",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59186"
},
{
"cve": "CVE-2025-59187",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59187"
},
{
"cve": "CVE-2025-59188",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59188"
},
{
"cve": "CVE-2025-59189",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59189"
},
{
"cve": "CVE-2025-59190",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59190"
},
{
"cve": "CVE-2025-59191",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59191"
},
{
"cve": "CVE-2025-59192",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59192"
},
{
"cve": "CVE-2025-59193",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59193"
},
{
"cve": "CVE-2025-59194",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59194"
},
{
"cve": "CVE-2025-59195",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59195"
},
{
"cve": "CVE-2025-59196",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59196"
},
{
"cve": "CVE-2025-59197",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59197"
},
{
"cve": "CVE-2025-59198",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59198"
},
{
"cve": "CVE-2025-59199",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59199"
},
{
"cve": "CVE-2025-59200",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59200"
},
{
"cve": "CVE-2025-59201",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59201"
},
{
"cve": "CVE-2025-59202",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59202"
},
{
"cve": "CVE-2025-59203",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59203"
},
{
"cve": "CVE-2025-59204",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59204"
},
{
"cve": "CVE-2025-59205",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59205"
},
{
"cve": "CVE-2025-59206",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59206"
},
{
"cve": "CVE-2025-59207",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59207"
},
{
"cve": "CVE-2025-59208",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59208"
},
{
"cve": "CVE-2025-59209",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59209"
},
{
"cve": "CVE-2025-59210",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59210"
},
{
"cve": "CVE-2025-59211",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59211"
},
{
"cve": "CVE-2025-59214",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59214"
},
{
"cve": "CVE-2025-59230",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59230"
},
{
"cve": "CVE-2025-59241",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59241"
},
{
"cve": "CVE-2025-59242",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59242"
},
{
"cve": "CVE-2025-59244",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59244"
},
{
"cve": "CVE-2025-59253",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59253"
},
{
"cve": "CVE-2025-59254",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59254"
},
{
"cve": "CVE-2025-59255",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59255"
},
{
"cve": "CVE-2025-59257",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59257"
},
{
"cve": "CVE-2025-59258",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59258"
},
{
"cve": "CVE-2025-59259",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59259"
},
{
"cve": "CVE-2025-59260",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59260"
},
{
"cve": "CVE-2025-59261",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59261"
},
{
"cve": "CVE-2025-59275",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59275"
},
{
"cve": "CVE-2025-59277",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59277"
},
{
"cve": "CVE-2025-59278",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59278"
},
{
"cve": "CVE-2025-59280",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59280"
},
{
"cve": "CVE-2025-59282",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59282"
},
{
"cve": "CVE-2025-59284",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59284"
},
{
"cve": "CVE-2025-59287",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59287"
},
{
"cve": "CVE-2025-59289",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59289"
},
{
"cve": "CVE-2025-59290",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59290"
},
{
"cve": "CVE-2025-59294",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59294"
},
{
"cve": "CVE-2025-59295",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59295"
},
{
"cve": "CVE-2025-59502",
"product_status": {
"known_affected": [
"T047092",
"T047093",
"T047095",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T043730",
"T043731",
"T042610",
"T042600",
"T042611",
"T045208",
"T042601",
"T042602",
"T042613",
"T042603",
"T025567"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-59502"
}
]
}
WID-SEC-W-2025-1280
Vulnerability from csaf_certbund - Published: 2025-06-10 22:00 - Updated: 2025-06-22 22:00Summary
Intel Firmware: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Firmware ist eine in die Geräte fest eingebettete Software, die dort grundlegende Funktionen leistet.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in Intel Firmware ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Firmware ist eine in die Ger\u00e4te fest eingebettete Software, die dort grundlegende Funktionen leistet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in Intel Firmware ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1280 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1280.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1280 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1280"
},
{
"category": "external",
"summary": "Intel PTT and SPS Advisory vom 2025-06-10",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-165940 vom 2025-06-11",
"url": "https://support.lenovo.com/us/en/product_security/LEN-165940"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-197064 vom 2025-06-11",
"url": "https://support.lenovo.com/us/en/product_security/LEN-197064"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-232 vom 2025-06-12",
"url": "https://www.dell.com/support/kbdoc/de-de/000331010/dsa-2025-232-security-update-for-dell-poweredge-server-for-a-trusted-platform-module-tpm-2-0-firmware-vulnerability"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF04030 vom 2025-06-02",
"url": "https://support.hp.com/de-de/document/ish_12649868-12649893-16/HPSBHF04030"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250620-0007 vom 2025-06-20",
"url": "https://security.netapp.com/advisory/NTAP-20250620-0007"
}
],
"source_lang": "en-US",
"title": "Intel Firmware: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-06-22T22:00:00.000+00:00",
"generator": {
"date": "2025-06-23T07:10:23.396+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-1280",
"initial_release_date": "2025-06-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von NetApp aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T019535",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T030989",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "PTT",
"product": {
"name": "Intel Firmware PTT",
"product_id": "T044478",
"product_identification_helper": {
"cpe": "cpe:/a:intel:firmware:ptt"
}
}
},
{
"category": "product_version",
"name": "SPS",
"product": {
"name": "Intel Firmware SPS",
"product_id": "T044479",
"product_identification_helper": {
"cpe": "cpe:/a:intel:firmware:sps"
}
}
}
],
"category": "product_name",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T026557",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-2884",
"product_status": {
"known_affected": [
"T044478",
"T019535",
"T044479",
"T030989",
"T026557",
"T039981"
]
},
"release_date": "2025-06-10T22:00:00.000+00:00",
"title": "CVE-2025-2884"
}
]
}
WID-SEC-W-2025-1278
Vulnerability from csaf_certbund - Published: 2025-06-10 22:00 - Updated: 2025-08-12 22:00Summary
AMD Prozessoren: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Prozessoren sind die zentralen Rechenwerke eines Computers.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in verschiedenen AMD Prozessoren ausnutzen, um einen Denial of Service Angriff durchzuführen oder Infromationen offenzulegen.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in verschiedenen AMD Prozessoren ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Infromationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1278 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1278.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1278 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1278"
},
{
"category": "external",
"summary": "AMD Security Bulletin AMD-SB-4011 vom 2025-06-10",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4011.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-197064 vom 2025-06-11",
"url": "https://support.lenovo.com/us/en/product_security/LEN-197064"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-165940 vom 2025-06-11",
"url": "https://support.lenovo.com/us/en/product_security/LEN-165940"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-232 vom 2025-06-12",
"url": "https://www.dell.com/support/kbdoc/de-de/000331010/dsa-2025-232-security-update-for-dell-poweredge-server-for-a-trusted-platform-module-tpm-2-0-firmware-vulnerability"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250620-0007 vom 2025-06-20",
"url": "https://security.netapp.com/advisory/NTAP-20250620-0007"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-127 vom 2025-07-02",
"url": "https://www.dell.com/support/kbdoc/000294892"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-133 vom 2025-08-12",
"url": "https://www.dell.com/support/kbdoc/de-de/000296114/dsa-2025-133"
}
],
"source_lang": "en-US",
"title": "AMD Prozessoren: Schwachstelle erm\u00f6glicht Denial of Service und Offenlegung von Informationen",
"tracking": {
"current_release_date": "2025-08-12T22:00:00.000+00:00",
"generator": {
"date": "2025-08-13T06:22:23.725+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1278",
"initial_release_date": "2025-06-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-07-01T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Athlon",
"product": {
"name": "AMD Prozessor Athlon",
"product_id": "T044475",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:athlon"
}
}
},
{
"category": "product_version",
"name": "Ryzen",
"product": {
"name": "AMD Prozessor Ryzen",
"product_id": "T044476",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:ryzen"
}
}
}
],
"category": "product_name",
"name": "Prozessor"
}
],
"category": "vendor",
"name": "AMD"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell BIOS",
"product": {
"name": "Dell BIOS",
"product_id": "T041253",
"product_identification_helper": {
"cpe": "cpe:/h:dell:bios:-"
}
}
},
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T036868",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T019535",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T026557",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-2884",
"product_status": {
"known_affected": [
"T041253",
"T019535",
"T036868",
"T026557",
"T039981",
"T044476",
"T044475"
]
},
"release_date": "2025-06-10T22:00:00.000+00:00",
"title": "CVE-2025-2884"
}
]
}
GHSA-3FXC-2CRV-FG9X
Vulnerability from github – Published: 2025-06-10 18:32 – Updated: 2025-06-13 18:30
VLAI?
Details
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 of TCG standard TPM2.0
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2025-2884"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-10T18:15:30Z",
"severity": "CRITICAL"
},
"details": "TCG TPM2.0 Reference implementation\u0027s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key\u0027s algorithm. See Errata 1.83 of TCG standard TPM2.0",
"id": "GHSA-3fxc-2crv-fg9x",
"modified": "2025-06-13T18:30:34Z",
"published": "2025-06-10T18:32:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2884"
},
{
"type": "WEB",
"url": "https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1"
},
{
"type": "WEB",
"url": "https://trustedcomputinggroup.org/about/security"
},
{
"type": "WEB",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf"
},
{
"type": "WEB",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49133"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/282450"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2025-2884
Vulnerability from fkie_nvd - Published: 2025-06-10 18:15 - Updated: 2025-06-13 18:15
Severity ?
Summary
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1 | ||
| cret@cert.org | https://trustedcomputinggroup.org/about/security/ | ||
| cret@cert.org | https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf | ||
| cret@cert.org | https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf | ||
| cret@cert.org | https://www.cve.org/CVERecord?id=CVE-2025-49133 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/282450 |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCG TPM2.0 Reference implementation\u0027s CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key\u0027s algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0"
},
{
"lang": "es",
"value": "La funci\u00f3n auxiliar CryptHmacSign de la implementaci\u00f3n de referencia TCG TPM2.0 es vulnerable a lecturas fuera de los l\u00edmites debido a la falta de validaci\u00f3n del esquema de firma con el algoritmo de la clave de firma. Consulte la errata 1.83 del est\u00e1ndar TCG TPM2.0."
}
],
"id": "CVE-2025-2884",
"lastModified": "2025-06-13T18:15:21.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-06-10T18:15:30.617",
"references": [
{
"source": "cret@cert.org",
"url": "https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1"
},
{
"source": "cret@cert.org",
"url": "https://trustedcomputinggroup.org/about/security/"
},
{
"source": "cret@cert.org",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf"
},
{
"source": "cret@cert.org",
"url": "https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf"
},
{
"source": "cret@cert.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/282450"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…