Cyber Posture

CVE-2025-21304

High

Published: 14 January 2025

Published
14 January 2025
Modified
24 January 2025
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0028 51.1th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Security Summary

CVE-2025-21304 is an elevation of privilege vulnerability in the Microsoft DWM Core Library, stemming from a use-after-free error (CWE-416). It affects the Desktop Window Manager Core Library component in Microsoft Windows operating systems. The vulnerability has a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access is required, low attack complexity, low privileges needed, no user interaction, unchanged scope, and high impacts on confidentiality, integrity, and availability.

A low-privileged local attacker can exploit this vulnerability to elevate privileges on the affected system. By triggering the use-after-free condition in the DWM Core Library, the attacker can achieve arbitrary code execution with SYSTEM-level privileges, potentially leading to full system compromise, data theft, modification of critical files, or disruption of services.

Microsoft's security advisory provides details on mitigation and available patches at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21304. Security practitioners should apply the recommended updates promptly to address this issue.

Details

CWE(s)
CWE-416NVD-CWE-noinfo

Affected Products

microsoft
windows 10 1607
≤ 10.0.14393.7699 · ≤ 10.0.14393.7699
microsoft
windows 10 1809
≤ 10.0.17763.6775 · ≤ 10.0.17763.6775
microsoft
windows 10 21h2
≤ 10.0.19044.5371
microsoft
windows 10 22h2
≤ 10.0.19045.5371
microsoft
windows server 2016
≤ 10.0.14393.7699
microsoft
windows server 2019
≤ 10.0.17763.6775

References