Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
Metrics
Affected Vendors & Products
References
History
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Mon, 14 Jul 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Microsoft
Microsoft windows 10 1507 Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows Server 2008 Microsoft windows Server 2012 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2022 23h2 Microsoft windows Server 2025 |
|
CPEs | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Microsoft
Microsoft windows 10 1507 Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows Server 2008 Microsoft windows Server 2012 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2022 23h2 Microsoft windows Server 2025 |
Mon, 14 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Tue, 08 Jul 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Jul 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | |
Title | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | |
Weaknesses | CWE-126 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: microsoft
Published: 2025-07-08T16:57:02.439Z
Updated: 2025-07-16T22:56:44.974Z
Reserved: 2025-05-14T14:13:13.465Z
Link: CVE-2025-47971

Updated: 2025-07-08T19:26:06.510Z

Status : Analyzed
Published: 2025-07-08T17:15:37.133
Modified: 2025-07-14T17:29:00.557
Link: CVE-2025-47971

No data.