CVE-2025-24043

Опубликовано: 11 мар. 2025

Источник: msrc

CVSS3: 7.5

EPSS Низкий

Описание

WinDbg Remote Code Execution Vulnerability

Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.

Продукт	Статья	Обновление
WinDbg	Release Notes	Security Update

Показывать по

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

EPSS

Процентиль: 37%

0.00157

Низкий

7.5 High

CVSS3

CVE-2025-24043

CVSS3: 7.5

nvd

11 месяцев назад

Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

GHSA-hpw7-8qpc-34p3

CVSS3: 7.5

github

11 месяцев назад

Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability

BDU:2025-02722

CVSS3: 7.5

fstec

11 месяцев назад

Уязвимость многоцелевого отладчика WinDbg, связанная с ошибками проверки криптографической подписи, позволяющая нарушителю выполнить удаленный код

EPSS

Процентиль: 37%

0.00157

Низкий

7.5 High

CVSS3