CVE-2025-48822: Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability

CVE-2025-48821: Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

CVE-2025-48820: Windows AppX Deployment Service Elevation of Privilege Vulnerability

CVE-2025-48817: Remote Desktop Client Remote Code Execution Vulnerability

CVE-2025-48816: HID Class Driver Elevation of Privilege Vulnerability

**What type of information could be disclosed by this vulnerability?**

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the data contained in the targeted PowerBI dashboard. The scope of PowerBI data which could be accessed is dependent on the privileges of compromised user.

Headline

CVE-2025-21403: On-Premises Data Gateway Information Disclosure Vulnerability

Microsoft Security Response Center: Latest News