CVE-2025-24983

Published Mar 11, 2025

Last updated 2 days ago

Exploit knownCVSS high 7.0
Windows
Win32k

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-24983 is an elevation of privilege vulnerability found in the Windows Win32k driver. Exploitation of this use-after-free vulnerability allows an attacker to elevate their privileges locally on a system. This vulnerability affects older versions of Windows, specifically Windows 8.1 and Windows Server 2012 R2. Newer operating systems like Windows 10, Windows 11, and Windows Server 2019 and later appear to be unaffected. This vulnerability has been observed being exploited in the wild in conjunction with the PipeMagic backdoor, a malware known for data exfiltration and providing remote access capabilities. Attackers must already have local access to the system to exploit CVE-2025-24983, but successful exploitation allows them to gain SYSTEM privileges. Microsoft patched this vulnerability as part of their March 2025 Patch Tuesday release.

Description
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Microsoft Windows Win32k Use-After-Free Vulnerability
Exploit added on
Mar 11, 2025
Exploit action due
Apr 1, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@microsoft.com
CWE-416

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. Actively exploited CVE : CVE-2025-24983

    @transilienceai

    15 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. 🚨 Critical #Windows Kernel Zero-Day Vulnerability Patched (#CVE-2025-24983) https://t.co/kRjY3mNqwf Educational Purposes!

    @UndercodeUpdate

    14 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 #Windows-#Sicherheitslücke entdeckt! ESET Forscher haben eine #ZeroDay-Schwachstelle (CVE-2025-24983) in älteren Windows-Versionen (u.a. Windows Server und Windows 10) entdeckt. Microsoft hat die Lücke geschlossen – jetzt updaten! Infos: https://t.co/dERAXl5DLm https://t.co/

    @ESET_de

    14 Mar 2025

    4 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Microsoft、定例アップデートで2年間未修正のWindowsカーネル脆弱性(CVE-2025-24983)を修正 #セキュリティ対策Lab #セキュリティ #Security https://t.co/5r5N4LbFj9

    @securityLab_jp

    14 Mar 2025

    78 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2025-24983 🔴 HIGH (7) 🏢 Microsoft - Windows 10 Version 1507 🏗️ 10.0.10240.0 🔗 https://t.co/Y0N7cg7p8j #CyberCron #VulnAlert #InfoSec https://t.co/eJneyIF4Ex

    @cybercronai

    12 Mar 2025

    19 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. ESET discovered a zero-day vulnerability (CVE-2025-24983) in Windows, exploited since March 2023, allowing low-privilege attackers to gain SYSTEM privileges, now patched. #Security #Microsoft https://t.co/MQH3uTyDtg

    @Strivehawk

    12 Mar 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/qj9V35ZLqu https://t.co/rJ7ZorckHf

    @TechMash365

    12 Mar 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/Bs76x1WUgc https://t.co/MnAIyLhIRe

    @secured_cyber

    12 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/iEnnKi4FhE https://t.co/edMd37EuBC

    @ggrubamn

    12 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Microsoft Patch Tuesday mars : 57 failles corrigées dont 6 zero-day activement exploitées. Selon ESET le 0-day exploitant la CVE-2025-24983 a été vu pour la première fois en mars 2023 et a été déployé via la backdoor #PipeMagic. https://t.co/F7BySOJBUN

    @cert_ist

    12 Mar 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. ثغرة خطيرة في #Windows تُعرّض الأجهزة للاختراق! معرف CVE-2025-24983: استغلال يسمح برفع الصلاحيات إلى مستوى SYSTEM الأنظمة المتضررة: Windows 10، Server 2016، وما قبلها التحديثات الأمنية: Microsoft أصلحت الثغرة في مارس 2025 حدّث نظامك الآن لحماية بياناتك! https://t.co/GOZpjOmqn7

    @mjbtechtips

    12 Mar 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/IC5Y4cLVn9 https://t.co/rx1J8mhJit

    @Trej0Jass

    12 Mar 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. A newly patched Windows vulnerability (CVE-2025-24983) has been exploited since March 2023, affecting older systems like Windows 8.1 & Server 2012 R2. Update now! 🔒🖥️ #WindowsPatch #CyberThreats #USA link: https://t.co/DKriDkJiij https://t.co/lYIW0GLwNP

    @TweetThreatNews

    12 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/DICKOo36oF https://t.co/QSVFeLKsqy

    @Art_Capella

    12 Mar 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/Uw6ZamXizW https://t.co/9SAb6FL3MD

    @pcasano

    12 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. 🔥 Microsoft warns: 6 zero-days under active attack! 🔹 Key threats: CVE-2025-24985 & CVE-2025-24993 – File system flaws allowing remote code execution CVE-2025-24983 – A Win32k zero-day used in the wild with PipeMagic malware CVE-2025-26633 – Security bypass flaw in Microso

    @dysafhackx

    12 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993) https://t.co/PmXIGZ0YCH https://t.co/dYxmBzG6JE

    @NickBla41002745

    12 Mar 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 米国CISAが悪用を確認した脆弱性 #KEV をカタログに追加しました。 🛡️No.1295 CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability ============= CVSSスコア:7.0 (Base) / Microsoft Corporation CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H… https://t.co/5ykGQpfUCf

    @piyokango

    12 Mar 2025

    4609 Impressions

    2 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Actively exploited CVE : CVE-2025-24983

    @transilienceai

    11 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations

References