CVE-2025-32709

5/13/2025 5:16:04 PM

19 روز قبل

16 روز قبل

Reporter :secure@microsoft.com

Modified :5/13/2025 5:16:04 PM

Problem Data :CWE-416

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Epss Score	0.03746
Epss Percentile	0.87431

ریسک پائین:: این آسیب پذیری احتمال ارائه Exploit پائینی دارد. به روز رسانی و نظارت معمولی را لحاظ نمائید.

CPE	Vendor	Product	Version Start	Version End
cpe:2.3:o:microsoft:windows_server_2019::::::::	microsoft	windows_server_2019	*	*
cpe:2.3:o:microsoft:windows_10_1507::::::::	microsoft	windows_10_1507	*	*
cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::	microsoft	windows_server_2022_23h2	*	*
cpe:2.3:o:microsoft:windows_server_2025::::::::	microsoft	windows_server_2025	*	*
cpe:2.3:o:microsoft:windows_10_22h2::::::::	microsoft	windows_10_22h2	*	*
cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*	microsoft	windows_server_2012	r2	*
cpe:2.3:o:microsoft:windows_server_2022::::::::	microsoft	windows_server_2022	*	*
cpe:2.3:o:microsoft:windows_10_1607::::::::	microsoft	windows_10_1607	*	*
cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*	microsoft	windows_10_1809	*	*
cpe:2.3:o:microsoft:windows_11_24h2::::::::	microsoft	windows_11_24h2	*	*
cpe:2.3:o:microsoft:windows_11_22h2::::::::	microsoft	windows_11_22h2	*	*
cpe:2.3:o:microsoft:windows_server_2016::::::::	microsoft	windows_server_2016	*	*
cpe:2.3:o:microsoft:windows_10_1809:::::::x86:*	microsoft	windows_10_1809	*	*
cpe:2.3:o:microsoft:windows_server_2012:-:::::::*	microsoft	windows_server_2012	-	*
cpe:2.3:o:microsoft:windows_11_23h2::::::::	microsoft	windows_11_23h2	*	*
cpe:2.3:o:microsoft:windows_10_21h2::::::::	microsoft	windows_10_21h2	*	*

لینک	منبع	تگ ها
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32709		Vendor Advisory