June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Dell PowerScale Products Vulnerabilities
May 19, 2025
Multiple Adobe Substance3D Vulnerabilities
May 19, 2025
Multiple Dell PowerScale Products Vulnerabilities
May 19, 2025
Multiple Adobe Substance3D Vulnerabilities
May 19, 2025
Severity
High
Analysis Summary
CVE-2025-29957 CVSS:6.2
Microsoft Windows is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the Deployment Services component.
CVE-2025-29955 CVSS:6.2
Microsoft Windows Hyper-V is vulnerable to a denial of service, caused by improper input validaiton.
CVE-2025-29956 CVSS:5.4
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by buffer over-read flaw in the SMB component.
CVE-2025-29954 CVSS:5.9
Microsoft Windows is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the Lightweight Directory Access Protocol (LDAP) component.
CVE-2025-29840 CVSS:8.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a stack-based buffer overflow in the Media component.
CVE-2025-29838 CVSS:7.4
Microsoft Windows could allow a local attacker to gain elevated privileges on the system, caused by a NULL pointer dereference flaw in the ExecutionContext Driver.
CVE-2025-29839 CVSS:4
Microsoft Windows could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read flaw in multiple UNC Provider Driver.
CVE-2025-29837 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a link following flaw in the Installer.
CVE-2025-29836 CVSS:6.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the Routing and Remote Access Service (RRAS) component.
CVE-2025-29835 CVSS:6.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the Remote Access Connection Manager component.
Impact
- Denial of Service
- Code Execution
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2025-29957
- CVE-2025-29955
- CVE-2025-29956
- CVE-2025-29954
- CVE-2025-29840
- CVE-2025-29838
- CVE-2025-29839
- CVE-2025-29837
- CVE-2025-29836
- CVE-2025-29835
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows 10 Version 1809 - 10.0.17763.0
- Microsoft Windows Server 2019 - 10.0.17763.0
- Microsoft Windows Server 2019 (Server Core installation) - 10.0.17763.0
- Microsoft Windows Server 2022 - 10.0.20348.0
- Microsoft Windows 11 version 22H2 - 10.0.22621.0
- Microsoft Windows 10 Version 22H2 - 10.0.19045.0
- Microsoft Windows Server 2025 (Server Core installation) - 10.0.26100.0
- Microsoft Windows 11 version 22H3 - 10.0.22631.0
- Microsoft Windows Server 2012 (Server Core installation) - 6.2.9200.0
- Microsoft Windows Server 2012 R2 - 6.3.9600.0
- Microsoft Windows Server 2012 R2 (Server Core installation) - 6.3.9600.0
- Microsoft Windows 11 Version 23H2 - 10.0.22631.0
- Microsoft Windows Server 2012 - 6.2.9200.0
- Microsoft Windows 11 Version 24H2 - 10.0.26100.0
- Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) - 6.0.6003.0
- Microsoft Windows Server 2008 Service Pack 2 - 6.0.6003.0
- Microsoft Windows Server 2016 - 10.0.14393.0
- Microsoft Windows Server 2016 (Server Core installation) - 10.0.14393.0
- Microsoft Windows Server 2025 - 10.0.26100.0
- Microsoft Windows 10 Version 1507 - 10.0.10240.0
- Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) - 6.1.7601.0
- Microsoft Windows 10 Version 1607 - 10.0.14393.0
- Microsoft Windows Server 2008 R2 Service Pack 1 - 6.1.7601.0
- Microsoft Windows 10 Version 21H2 - 10.0.19044.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
