CVE-2025-48799

HIGH

Windows Update Service - Privilege Escalation

Description

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

Exploits (3)

nomisec WORKING POC 264 stars
by Wh04m1001 · poc
https://github.com/Wh04m1001/CVE-2025-48799

nomisec WORKING POC
by gmh5225 · poc
https://github.com/gmh5225/CVE-2025-48799-

nomisec WORKING POC
by painoob · poc
https://github.com/painoob/CVE-2025-48799

Scores

CVSS v3 7.8
EPSS 0.0179
EPSS Percentile 82.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-59
Status published
Products (8)
microsoft/windows_10_1607 < 10.0.14393.8246 (2 CPE variants)
microsoft/windows_10_1809 < 10.0.17763.7558 (2 CPE variants)
microsoft/windows_10_21h2 < 10.0.19044.6093
microsoft/windows_10_22h2 < 10.0.19045.6093
microsoft/windows_11_22h2 < 10.0.22621.5624
microsoft/windows_11_23h2 < 10.0.22631.5624
microsoft/windows_11_24h2 < 10.0.26100.4652
microsoft/windows_server_2025 < 10.0.26100.4652
Published Jul 08, 2025
Tracked Since Feb 18, 2026