#auth

CVE-2025-58727: Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Connected Devices Platform Service #Security Vulnerability

CVE-2025-58726: Windows SMB Server Elevation of Privilege Vulnerability

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #samba #auth #Windows SMB Server #Security Vulnerability

CVE-2025-55697: Azure Local Elevation of Privilege Vulnerability

Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #buffer_overflow #auth #Azure Local #Security Vulnerability

CVE-2025-55696: NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #auth #NtQueryInformation Token function (ntifs.h)#Security Vulnerability

CVE-2025-55693: Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Kernel #Security Vulnerability

CVE-2025-55692: Windows Error Reporting Service Elevation of Privilege Vulnerability

Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally.