Analysis Summary

CVE-2024-49105 CVSS:8.4

Microsoft Windows Remote Desktop Client could allow a remote attacker to execute arbitrary code on the system, caused by improper access control in Remote Desktop Client component. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2025-21372 CVSS:7.8

Microsoft Brokering File System could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free error.

CVE-2025-21399 CVSS:7.4

Microsoft Edge (Chromium-based) could allow a local attacker to gain SYSTEM privileges.

CVE-2025-21231 CVSS:7.5

Microsoft IP Helper is vulnerable to a denial of service when sending specially crafted string of data over the network.

CVE-2025-21187 CVSS:7.8

Microsoft Power Automate could allow a remote attacker to execute arbitrary code on the system when opening a specially crafted file.

CVE-2025-21220 CVSS:7.5

Microsoft Message Queuing could allow a remote attacker to read small portions of heap memory.

CVE-2025-21405 CVSS:7.3

Microsoft Visual Studio could allow a local authenticated attacker to gain SYSTEM privileges when using a specially crafted application.

Impact

• Code Execution
• Privilege Escalation
• Denial of Service
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-49105

• CVE-2025-21372

• CVE-2025-21399

• CVE-2025-21231

• CVE-2025-21187

• CVE-2025-21220

• CVE-2025-21405

Affected Vendors

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-49105

CVE-2025-21372

CVE-2025-21399

CVE-2025-21231

CVE-2025-21187

CVE-2025-21220

CVE-2025-21405