TROYANOSYVIRUS
Retour aux CVEs

CVE-2025-29824

HIGHCISA KEV
7.8

Description

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Details CVE

Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie4/8/2025
Derniere modification10/27/2025
Sourcekev
Observations honeypot0

CISA KEV

FournisseurMicrosoft
ProduitWindows
Nom vulnerabiliteMicrosoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Date ajout KEV2025-04-08
Date limite remediation2025-04-29
Utilise dans ransomwareKnown

Produits affectes

microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1809microsoft:windows_10_21h2microsoft:windows_10_22h2microsoft:windows_11_22h2microsoft:windows_11_23h2microsoft:windows_11_24h2microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019microsoft:windows_server_2022microsoft:windows_server_2022_23h2microsoft:windows_server_2025

Faiblesses (CWE)

CWE-416

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824(secure@microsoft.com)
https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script(af854a3a-2127-422b-91ae-364da2661108)
https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-29824(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.