CVE-2025-24072

Published Mar 11, 2025

Last updated 24 days ago

CVSS high 7.8

Overview

Description
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
Source
secure@microsoft.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-416

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-24072 🔴 HIGH (7.8) 🏢 Microsoft - Windows 10 Version 1809 🏗️ 10.0.17763.0 🔗 https://t.co/5WaSWnoTLp #CyberCron #VulnAlert #InfoSec https://t.co/lnqfng7PeX

    @cybercronai

    13 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References