CVE-2025-24043

Опубликовано: 11 мар. 2025

Источник: msrc

CVSS3: 7.5

EPSS Низкий

Описание

WinDbg Remote Code Execution Vulnerability

Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

FAQ

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.

Обновления

Продукт	Статья	Обновление
WinDbg	Release Notes	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 39%

0.0017

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2025-24043

CVSS3: 7.5

nvd

6 месяцев назад

Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

GHSA-hpw7-8qpc-34p3

CVSS3: 7.5

github

6 месяцев назад

Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability

BDU:2025-02722

CVSS3: 7.5

fstec

6 месяцев назад

Уязвимость многоцелевого отладчика WinDbg, связанная с ошибками проверки криптографической подписи, позволяющая нарушителю выполнить удаленный код

EPSS

Процентиль: 39%

0.0017

Низкий

7.5 High

CVSS3