Vulnerability Details CVE-2025-27488
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.1%
CVSS Severity
CVSS v3 Score 6.7
Products affected by CVE-2025-27488
-
cpe:2.3:a:microsoft:windows_hardware_lab_kit:*
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_2004:-
-
cpe:2.3:o:microsoft:windows_10_20h2:-
-
cpe:2.3:o:microsoft:windows_10_21h1:-
-
cpe:2.3:o:microsoft:windows_10_21h2:-
-
cpe:2.3:o:microsoft:windows_10_22h2:-
-
cpe:2.3:o:microsoft:windows_11_22h2:-
-
cpe:2.3:o:microsoft:windows_11_24h2:-
-
cpe:2.3:o:microsoft:windows_server_2019:-
-
cpe:2.3:o:microsoft:windows_server_2022:-
-
cpe:2.3:o:microsoft:windows_server_2025:-