Описание
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-21204
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-detection-script
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-mitigation-script
Связанные уязвимости
CVSS3: 7.8
nvd
10 месяцев назад
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVSS3: 7.8
msrc
10 месяцев назад
Windows Process Activation Elevation of Privilege Vulnerability
CVSS3: 7.8
fstec
10 месяцев назад
Уязвимость компонента Windows Update Stack операционной системы Windows, позволяющая нарушителю повысить свои привилегии