Allgemein – Seite 358

CVE-2025-60718 Windows Administrator Protection Elevation of Privilege Vulnerability

Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.

CVE-2025-62452 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

CVE-2025-47179 Configuration Manager Elevation of Privilege Vulnerability

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-62210 Dynamics 365 Field Service (online) Spoofing Vulnerability

Improper neutralization of input during web page generation (‚cross-site scripting‘) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.

CVE-2025-59513 Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.

CVE-2025-60719 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-60714 Windows OLE Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.

CVE-2025-59507 Windows Speech Runtime Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Speech allows an authorized attacker to elevate privileges locally.

CVE-2025-59508 Windows Speech Recognition Elevation of Privilege Vulnerability