Описание
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-21204
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-detection-script
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-mitigation-script
Связанные уязвимости
CVSS3: 7.8
nvd
7 месяцев назад
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVSS3: 7.8
msrc
7 месяцев назад
Windows Process Activation Elevation of Privilege Vulnerability
CVSS3: 7.8
fstec
7 месяцев назад
Уязвимость компонента Windows Update Stack операционной системы Windows, позволяющая нарушителю повысить свои привилегии