Описание
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-21204
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-detection-script
- https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-mitigation-script
Связанные уязвимости
CVSS3: 7.8
nvd
12 месяцев назад
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
CVSS3: 7.8
msrc
12 месяцев назад
Windows Process Activation Elevation of Privilege Vulnerability
CVSS3: 7.8
fstec
12 месяцев назад
Уязвимость компонента Windows Update Stack операционной системы Windows, позволяющая нарушителю повысить свои привилегии