CVE-2025-30400

HIGH KEV

Windows DWM - Use After Free

Title source: llm

Description

Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.

Exploits (1)

nomisec WORKING POC
by encrypter15 · poc
https://github.com/encrypter15/CVE-2025-30400

References (2)

Scores

CVSS v3 7.8
EPSS 0.0075
EPSS Percentile 73.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-05-13
VulnCheck KEV 2025-05-13
ENISA EUVD EUVD-2025-14444
CWE
CWE-416
Status published
Products (10)
microsoft/windows_10_1809 < 10.0.17763.7314 (2 CPE variants)
microsoft/windows_10_21h2 < 10.0.19044.5854
microsoft/windows_10_22h2 < 10.0.19045.5854
microsoft/windows_11_22h2 < 10.0.22621.5335
microsoft/windows_11_23h2 < 10.0.22631.5335
microsoft/windows_11_24h2 < 10.0.26100.3981
microsoft/windows_server_2019 < 10.0.17763.7314
microsoft/windows_server_2022 < 10.0.20348.3692
microsoft/windows_server_2022_23h2 < 10.0.25398.1611
microsoft/windows_server_2025 < 10.0.26100.3981
Published May 13, 2025
KEV Added May 13, 2025
Tracked Since Feb 18, 2026