September 2025 – Page 11 – TheWindowsUpdate.com

CVE-2025-49734 PowerShell Direct Elevation of Privilege Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49734 PowerShell Direct Elevation of Privilege Vulnerability→

CVE-2025-54115 Windows Hyper-V Elevation of Privilege Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54115 Windows Hyper-V Elevation of Privilege Vulnerability→

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks.

The SMB Server alr… Continue reading CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability→

CVE-2025-54114 Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Connected Devices Platform Service allows an authorized attacker to deny service locally. Continue reading CVE-2025-54114 Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability→

CVE-2025-55224 Windows Hyper-V Remote Code Execution Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Win32K – GRFX allows an authorized attacker to execute code locally. Continue reading CVE-2025-55224 Windows Hyper-V Remote Code Execution Vulnerability→

CVE-2025-54113 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-54113 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→

CVE-2025-54915 Windows Defender Firewall Service Elevation of Privilege Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Access of resource using incompatible type (‘type confusion’) in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54915 Windows Defender Firewall Service Elevation of Privilege Vulnerability→

CVE-2025-54112 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Posted on September 9, 2025 by Syndicated News — No Comments ↓

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54112 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability→