CVE-2025-48802

Опубликовано: 08 июл. 2025

Источник: msrc

CVSS3: 6.5

EPSS Низкий

Описание

Windows SMB Server Spoofing Vulnerability

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

Продукт	Статья	Обновление
Windows Server 2022	5062572	Security Update
Windows Server 2022 (Server Core installation)	5062572	Security Update
Windows 11 Version 22H2 for ARM64-based Systems	5062552	Security Update
Windows 11 Version 22H2 for x64-based Systems	5062552	Security Update
Windows 11 Version 23H2 for ARM64-based Systems	5062552	Security Update
Windows 11 Version 23H2 for x64-based Systems	5062552	Security Update
Windows Server 2022, 23H2 Edition (Server Core installation)	5062570	Security Update

Показывать по

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

EPSS

Процентиль: 15%

0.0005

Низкий

6.5 Medium

CVSS3

CVE-2025-48802

CVSS3: 6.5

nvd

5 месяцев назад

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

GHSA-32c4-pxr5-p8gv

CVSS3: 6.5

github

5 месяцев назад

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

BDU:2025-08427

CVSS3: 6.5

fstec

5 месяцев назад

Уязвимость реализации протокола SMB операционных систем Microsoft Windows, позволяющая нарушителю выполнить спуфинг-атаку

EPSS

Процентиль: 15%

0.0005

Низкий

6.5 Medium

CVSS3