Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2025-53810: Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Defender allows an authorized attacker to elevate privileges locally.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#auth#Windows Defender Firewall Service#Security Vulnerability
CVE-2025-54108: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.

CVE-2025-54105: Microsoft Brokering File System Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2025-54092: Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2025-54104: Windows Defender Firewall Service Elevation of Privilege Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Defender allows an authorized attacker to elevate privileges locally.

CVE-2025-54107: MapUrlToZone Security Feature Bypass Vulnerability

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-53803: Windows Kernel Memory Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.