Microsoft: >> Windows 11 24h2 Security Vulnerabilities
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-10-14
Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-10-14
Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-10-14
Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-10-14
Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-10-14
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.4
EPSS Score
0.0
Published
2025-10-14