Vulnerability-Lookup

CVE-2025-3052 (GCVE-0-2025-3052)

Vulnerability from cvelistv5 – Published: 2025-06-10 19:19 – Updated: 2025-06-10 21:03

Title

An arbitrary write vulnerability in Microsoft signed UEFI firmware from DT Research Inc.

Summary

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

Severity ?

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-123 - Write-what-where Condition

Assigner

certcc

References

URL

FKIE_CVE-2025-3052

Vulnerability from fkie_nvd - Published: 2025-06-10 20:15 - Updated: 2025-06-12 16:06

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

References

	URL	Tags
	cret@cert.org	https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html
	cret@cert.org	https://www.binarly.io/advisories/brly-dva-2025-001
	af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/806555

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de escritura arbitraria en el firmware UEFI firmado por Microsoft permite la ejecuci\u00f3n de c\u00f3digo de software no confiable. Esto permite a un atacante controlar su valor, lo que provoca escrituras arbitrarias en memoria, incluyendo la modificaci\u00f3n de configuraciones cr\u00edticas del firmware almacenadas en la NVRAM. La explotaci\u00f3n de esta vulnerabilidad podr\u00eda permitir eludir la seguridad, mecanismos de persistencia o comprometer completamente el sistema."
    }
  ],
  "id": "CVE-2025-3052",
  "lastModified": "2025-06-12T16:06:29.520",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-10T20:15:23.037",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.binarly.io/advisories/brly-dva-2025-001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.kb.cert.org/vuls/id/806555"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2025-3052

Vulnerability from fstec - Published: 10.06.2025

Title

Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код

Description

Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows связана с разыменованием недоверенного указателя. Эксплуатация уязвимости может позволить нарушителю обойти существующие ограничения безопасности и выполнить произвольный код

Severity ?


                    
                      AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Vendor

Microsoft Corp

Software Name

Windows Server 2012, Windows Server 2012 R2, Windows 10, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 10 21H2, Windows 11 22H2, Windows 10 22H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 24H2, Windows Server 2025, Windows Server 2025 (Server Core installation)

Software Version

- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows 10), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 10 21H2), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation)), - (Windows 11 24H2), - (Windows Server 2025), - (Windows Server 2025 (Server Core installation))

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - минимизация пользовательских привилегий; - отключение/удаление неиспользуемых учётных записей пользователей; - использование средств доверенной загрузки для предотвращения возможности эксплуатации уязвимости. Использование рекомендаций: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-3052

Reference

https://www.binarly.io/blog/another-crack-in-the-chain-of-trust https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-3052

CWE

CWE-822

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO2146, TO2147, TO2152, TO2156, TO2157",
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO2146 \u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows 11 23H2 \u0434\u043b\u044f x64 \u0441\u0438\u0441\u0442\u0435\u043c (KB5060999), TO2147 \u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows 11 24H2 \u0434\u043b\u044f x64 \u0441\u0438\u0441\u0442\u0435\u043c (KB5060842), TO2152 \u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows Server 2022 21H2 \u0434\u043b\u044f x64 \u0441\u0438\u0441\u0442\u0435\u043c (KB5060526), TO2156 \u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows Server 2016 \u0434\u043b\u044f x64 \u0441\u0438\u0441\u0442\u0435\u043c (KB5061010), TO2157 \u041d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Windows Server 2019 \u0434\u043b\u044f x64 \u0441\u0438\u0441\u0442\u0435\u043c (KB5060531)",
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows 10), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 10 21H2), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation)), - (Windows 11 24H2), - (Windows Server 2025), - (Windows Server 2025 (Server Core installation))",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-3052",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.06.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-06727",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-3052",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows Server 2012, Windows Server 2012 R2, Windows 10, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 10 21H2, Windows 11 22H2, Windows 10 22H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 24H2, Windows Server 2025, Windows Server 2025 (Server Core installation)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows Server 2012 - , Microsoft Corp Windows Server 2012 R2 - , Microsoft Corp Windows 10 - 64-bit, Microsoft Corp Windows 10 - 32-bit, Microsoft Corp Windows 10 1607 - 64-bit, Microsoft Corp Windows 10 1607 - 32-bit, Microsoft Corp Windows Server 2016 - , Microsoft Corp Windows Server 2012 R2 (Server Core installation) - , Microsoft Corp Windows Server 2016 (Server Core installation) - , Microsoft Corp Windows 10 1809 - 64-bit, Microsoft Corp Windows 10 1809 - 32-bit, Microsoft Corp Windows Server 2019 - , Microsoft Corp Windows Server 2019 (Server Core installation) - , Microsoft Corp Windows Server 2022 - , Microsoft Corp Windows Server 2022 (Server Core installation) - , Microsoft Corp Windows 10 21H2 - 64-bit, Microsoft Corp Windows 10 21H2 - 32-bit, Microsoft Corp Windows 10 21H2 - ARM64, Microsoft Corp Windows 11 22H2 - 64-bit, Microsoft Corp Windows 11 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 64-bit, Microsoft Corp Windows 10 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 32-bit, Microsoft Corp Windows Server 2012 (Server Core installation) - , Microsoft Corp Windows 11 23H2 - 64-bit, Microsoft Corp Windows 11 23H2 - ARM64, Microsoft Corp Windows Server 2022, 23H2 Edition (Server Core installation) - , Microsoft Corp Windows 11 24H2 - 64-bit, Microsoft Corp Windows 11 24H2 - ARM64, Microsoft Corp Windows Server 2025 - , Microsoft Corp Windows Server 2025 (Server Core installation) - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Secure Boot \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0435 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f (CWE-822)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Secure Boot \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.binarly.io/blog/another-crack-in-the-chain-of-trust\nhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-3052",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-822",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,2)"
}

CERTFR-2025-AVI-0499

Vulnerability from certfr_avis - Published: 2025-06-11 - Updated: 2025-06-11

De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Microsoft indique que la vulnérabilité CVE-2025-33053 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25475
Microsoft	Windows	Windows Server 2012 R2 versions antérieures à 6.3.9600.22620
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.3981
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 1
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.5335
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23351
Microsoft	Windows	Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.21034
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.4270
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation) versions antérieures à 1
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27729
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.23279
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.8066
Microsoft	Windows	Windows App Client pour Windows Desktop versions antérieures à 2.0.505.0
Microsoft	Windows	Windows Server 2012 R2 versions antérieures à 1
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.5965
Microsoft	Windows	Windows Server 2019 versions antérieures à 10.0.17763.7314
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 1
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.5472
Microsoft	Windows	Windows Server 2022 versions antérieures à 10.0.20348.3630
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22620
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 1
Microsoft	Windows	Windows Server 2016 versions antérieures à 10.0.14393.8148
Microsoft	Windows	Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1611
Microsoft	Windows	Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.7434
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23279
Microsoft	Windows	Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.21014
Microsoft	Windows	Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.8066
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.4270
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.5472
Microsoft	Windows	Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25522
Microsoft	Windows	Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.3981
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.3981
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23279
Microsoft	Windows	Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.7314
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.23351
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.5335
Microsoft	Windows	Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.4270
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.5965
Microsoft	Windows	Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.21014
Microsoft	Windows	Windows Server 2025 versions antérieures à 10.0.26100.4270
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.5854
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.5854
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.7434
Microsoft	Windows	Windows Server 2012 versions antérieures à 6.2.9200.25475
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.23351
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.5854
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.5335
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.7314
Microsoft	Windows	Remote Desktop client pour Windows Desktop versions antérieures à 1.2.6278.0
Microsoft	Windows	Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1665
Microsoft	Windows	Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.3630
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.8148
Microsoft	Windows	Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.21034
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.8148
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 1
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.8066
Microsoft	Windows	Windows Server 2022 versions antérieures à 10.0.20348.3745
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.5965
Microsoft	Windows	Windows Server 2025 versions antérieures à 10.0.26100.3981
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.5965
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.7434
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.23351
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22621.5335
Microsoft	Windows	Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.8148
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22621.5335
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27769
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.5854
Microsoft	Windows	Windows Server 2019 versions antérieures à 10.0.17763.7434
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.5854
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22577
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.5965
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.5472
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 1
Microsoft	Windows	Windows SDK versions antérieures à 10.0.26100.4188
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 1
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.5854
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27769
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.5965
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.7314
Microsoft	Windows	Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.3745
Microsoft	Windows	Windows Server 2012 (Server Core installation) versions antérieures à 1
Microsoft	Windows	Windows Server 2012 versions antérieures à 6.2.9200.25522
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.23279
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.5335
Microsoft	Windows	Windows Security App versions antérieures à 1000.27840.0.1000
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27729
Microsoft	Windows	Windows Server 2012 versions antérieures à 1
Microsoft	Windows	Windows Server 2012 R2 versions antérieures à 6.3.9600.22577
Microsoft	Windows	Windows Server 2016 versions antérieures à 10.0.14393.8066
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.5472

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Windows CVE-2025-32722	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32721	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-47969	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32712	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33056	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33060	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33059	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33061	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33062	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33067	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-24069	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33075	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33071	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-24068	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33068	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33053	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33050	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-47955	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32720	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-24065	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-47962	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32718	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33052	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32724	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-3052	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33057	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32710	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32713	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32716	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33073	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-47160	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32725	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-29828	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33069	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33058	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33065	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32715	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33064	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33063	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33055	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33066	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-47956	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32719	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-32714	2025-06-10	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2025-33070	2025-06-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25475",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22620",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.3981",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23351",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.21034",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.4270",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27729",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23279",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.8066",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows App Client pour Windows Desktop versions ant\u00e9rieures \u00e0 2.0.505.0",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.7314",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.5472",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.3630",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22620",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.8148",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1611",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.7434",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23279",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.21014",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.8066",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.4270",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.5472",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25522",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.3981",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.3981",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23279",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.7314",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23351",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.4270",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.21014",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.4270",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.7434",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25475",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23351",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.7314",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.6278.0",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1665",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.3630",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.8148",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.21034",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.8148",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.8066",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.3745",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.3981",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.7434",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.23351",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.8148",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27769",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.7434",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22577",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.5472",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows SDK versions ant\u00e9rieures \u00e0 10.0.26100.4188",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.5854",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27769",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.5965",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.7314",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.3745",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25522",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.23279",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.5335",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Security App versions ant\u00e9rieures \u00e0 1000.27840.0.1000",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27729",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22577",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.8066",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.5472",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-33073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33073"
    },
    {
      "name": "CVE-2025-24068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24068"
    },
    {
      "name": "CVE-2025-33071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33071"
    },
    {
      "name": "CVE-2025-33061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33061"
    },
    {
      "name": "CVE-2025-32720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32720"
    },
    {
      "name": "CVE-2025-32713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32713"
    },
    {
      "name": "CVE-2025-33067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33067"
    },
    {
      "name": "CVE-2025-47160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47160"
    },
    {
      "name": "CVE-2025-33068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33068"
    },
    {
      "name": "CVE-2025-33055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33055"
    },
    {
      "name": "CVE-2025-33065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33065"
    },
    {
      "name": "CVE-2025-32712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32712"
    },
    {
      "name": "CVE-2025-47956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47956"
    },
    {
      "name": "CVE-2025-32715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32715"
    },
    {
      "name": "CVE-2025-33069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33069"
    },
    {
      "name": "CVE-2025-47955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47955"
    },
    {
      "name": "CVE-2025-33053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33053"
    },
    {
      "name": "CVE-2025-33070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33070"
    },
    {
      "name": "CVE-2025-32721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32721"
    },
    {
      "name": "CVE-2025-33062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33062"
    },
    {
      "name": "CVE-2025-32722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32722"
    },
    {
      "name": "CVE-2025-33052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33052"
    },
    {
      "name": "CVE-2025-32725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32725"
    },
    {
      "name": "CVE-2025-32710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32710"
    },
    {
      "name": "CVE-2025-47962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47962"
    },
    {
      "name": "CVE-2025-24065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24065"
    },
    {
      "name": "CVE-2025-33075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33075"
    },
    {
      "name": "CVE-2025-33059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33059"
    },
    {
      "name": "CVE-2025-33064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33064"
    },
    {
      "name": "CVE-2025-29828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29828"
    },
    {
      "name": "CVE-2025-32724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32724"
    },
    {
      "name": "CVE-2025-33056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33056"
    },
    {
      "name": "CVE-2025-33057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33057"
    },
    {
      "name": "CVE-2025-33063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33063"
    },
    {
      "name": "CVE-2025-47969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47969"
    },
    {
      "name": "CVE-2025-32718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32718"
    },
    {
      "name": "CVE-2025-32714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32714"
    },
    {
      "name": "CVE-2025-32719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32719"
    },
    {
      "name": "CVE-2025-33058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33058"
    },
    {
      "name": "CVE-2025-33060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33060"
    },
    {
      "name": "CVE-2025-33050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33050"
    },
    {
      "name": "CVE-2025-33066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33066"
    },
    {
      "name": "CVE-2025-32716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32716"
    },
    {
      "name": "CVE-2025-3052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3052"
    },
    {
      "name": "CVE-2025-24069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24069"
    }
  ],
  "initial_release_date": "2025-06-11T00:00:00",
  "last_revision_date": "2025-06-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0499",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nMicrosoft indique que la vuln\u00e9rabilit\u00e9 CVE-2025-33053 est activement exploit\u00e9e.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32722",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32722"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32721",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32721"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47969",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47969"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32712",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32712"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33056",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33056"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33060",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33060"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33059",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33059"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33061",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33061"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33062",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33062"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33067",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33067"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24069",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24069"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33075",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33075"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33071",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33071"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24068",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24068"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33068",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33068"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33053",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33050",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33050"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47955",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47955"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32720"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-24065",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24065"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47962",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47962"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32718",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32718"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33052",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32724",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32724"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-3052",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3052"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33057",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33057"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32710",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32710"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32713",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32713"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32716",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32716"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33073",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47160",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47160"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32725",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32725"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-29828",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29828"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33069",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33069"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33058",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33058"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33065",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33065"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32715",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32715"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33064",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33064"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33063",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33063"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33055",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33055"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33066",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33066"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-47956",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47956"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32719",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32719"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-32714",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32714"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-33070",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33070"
    }
  ]
}

GHSA-Q4RV-V64C-3HFF

Vulnerability from github – Published: 2025-06-10 21:31 – Updated: 2025-06-10 21:31

Details

Severity ?

8.2 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-3052"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-10T20:15:23Z",
    "severity": "HIGH"
  },
  "details": "An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.",
  "id": "GHSA-q4rv-v64c-3hff",
  "modified": "2025-06-10T21:31:23Z",
  "published": "2025-06-10T21:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3052"
    },
    {
      "type": "WEB",
      "url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html"
    },
    {
      "type": "WEB",
      "url": "https://www.binarly.io/advisories/brly-dva-2025-001"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/806555"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-3052 (GCVE-0-2025-3052)

FKIE_CVE-2025-3052

CVE-2025-3052

CERTFR-2025-AVI-0499

Solutions

GHSA-Q4RV-V64C-3HFF

Tags

Sightings

Nomenclature