Request a Demo
Rewterz
Oyster Malware Targets IT Admins via SEO Poisoning – Active IOCs
July 28, 2025
Rewterz
Multiple IBM SmartCloud Analytics Vulnerabilities
July 28, 2025

Multiple Microsoft Windows Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-49686 CVSS:7.8

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

CVE-2025-49659 CVSS:7.8

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

CVE-2025-49658 CVSS:5.5

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

CVE-2025-48819 CVSS:7.1

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

CVE-2025-48821 CVSS:7.1

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

CVE-2025-48799 CVSS:7.8

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

CVE-2025-49664 CVSS:5.5

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

Impact

  • Information Disclosure
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2025-49686

  • CVE-2025-49659

  • CVE-2025-49658

  • CVE-2025-48819

  • CVE-2025-48821

  • CVE-2025-48799

  • CVE-2025-49664

Affected Vendors

  • Microsoft

Affected Products

  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
    Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 10 Version 1607 for 32-bit Systems
  • Microsoft Windows 10 Version 1607 for x64-based Systems
  • Microsoft Windows 10 Version 1809 for 32-bit Systems
  • Microsoft Windows 10 Version 1809 for x64-based Systems
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2022
  • Microsoft Windows Server 2019 (Server Core installation)
  • Microsoft Windows Server 2022 (Server Core installation)
  • Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
  • Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
  • Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Microsoft Windows Server 2012 (Server Core installation)
  • Microsoft Windows Server 2012 R2 (Server Core installation)
  • Microsoft Windows Server 2016 (Server Core installation)
  • Microsoft Windows Server 2025
  • Microsoft Windows 11 Version 24H2 for x64-based Systems
  • Microsoft Windows 11 Version 24H2 for ARM64-based Systems
  • Microsoft Windows 11 Version 23H2 for x64-based Systems
  • Microsoft Windows 11 Version 23H2 for ARM64-based Systems
  • Microsoft Windows Server 2025 (Server Core installation)
  • Microsoft Windows 10 Version 22H2 for x64-based Systems
  • Microsoft Windows 11 Version 22H2 for x64-based Systems
  • Microsoft Windows 11 Version 22H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for x64-based Systems
  • Microsoft Windows 10 Version 22H2 for 32-bit Systems
  • Microsoft Windows 10 Version 22H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for ARM64-based Systems
  • Microsoft Windows 10 Version 21H2 for 32-bit Systems
  • Microsoft Windows Server 2022 23H2 Edition (Server Core installation)

Remediation

Refer to Microsoft Website for patch, upgrade, or suggested workaround information.

CVE-2025-49686

CVE-2025-49659

CVE-2025-49658

CVE-2025-48819

CVE-2025-48821

CVE-2025-48799

CVE-2025-49664