CVE-2025-48819

Summary

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows 10 Version 150710.0.10240.0 < 10.0.10240.21073affected
MicrosoftWindows 10 Version 160710.0.14393.0 < 10.0.14393.8246affected
MicrosoftWindows 10 Version 180910.0.17763.0 < 10.0.17763.7558affected
MicrosoftWindows 10 Version 21H210.0.19044.0 < 10.0.19044.6093affected
MicrosoftWindows 10 Version 22H210.0.19045.0 < 10.0.19045.6093affected
MicrosoftWindows 11 version 22H210.0.22621.0 < 10.0.22621.5624affected
MicrosoftWindows 11 version 22H310.0.22631.0 < 10.0.22631.5624affected
MicrosoftWindows 11 Version 23H210.0.22631.0 < 10.0.22631.5624affected
MicrosoftWindows 11 Version 24H210.0.26100.0 < 10.0.26100.4652affected
MicrosoftWindows Server 2008 R2 Service Pack 16.1.7601.0 < 6.1.7601.27820affected
MicrosoftWindows Server 2008 R2 Service Pack 1 (Server Core installation)6.1.7601.0 < 6.1.7601.27820affected
MicrosoftWindows Server 2008 Service Pack 26.0.6003.0 < 6.0.6003.23418affected
MicrosoftWindows Server 2008 Service Pack 2 (Server Core installation)6.0.6003.0 < 6.0.6003.23418affected
MicrosoftWindows Server 20126.2.9200.0 < 6.2.9200.25573affected
MicrosoftWindows Server 2012 (Server Core installation)6.2.9200.0 < 6.2.9200.25573affected
MicrosoftWindows Server 2012 R26.3.9600.0 < 6.3.9600.22676affected
MicrosoftWindows Server 2012 R2 (Server Core installation)6.3.9600.0 < 6.3.9600.22676affected
MicrosoftWindows Server 201610.0.14393.0 < 10.0.14393.8246affected
MicrosoftWindows Server 2016 (Server Core installation)10.0.14393.0 < 10.0.14393.8246affected
MicrosoftWindows Server 201910.0.17763.0 < 10.0.17763.7558affected
MicrosoftWindows Server 2019 (Server Core installation)10.0.17763.0 < 10.0.17763.7558affected
MicrosoftWindows Server 202210.0.20348.0 < 10.0.20348.3932affected
MicrosoftWindows Server 2022, 23H2 Edition (Server Core installation)10.0.25398.0 < 10.0.25398.1732affected
MicrosoftWindows Server 202510.0.26100.0 < 10.0.26100.4652affected
MicrosoftWindows Server 2025 (Server Core installation)10.0.26100.0 < 10.0.26100.4652affected

Weaknesses

  • CWE-591: CWE-591: Sensitive Data Storage in Improperly Locked Memory

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References