CVE-2025-24994
Published Mar 11, 2025
Last updated 2 months ago
AI description
CVE-2025-24994 is a vulnerability found in the Windows Cross Device Service. It stems from improper access control, which could allow an attacker with authorization to elevate their privileges on a local system. The vulnerability was published on March 11, 2025. Microsoft is listed as the assigning CNA (CVE Numbering Authority).
- Description
- Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_11_22h2, windows_11_23h2, windows_11_24h2
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-284
- Hype score
- Not currently trending
🔓 Gaining SYSTEM on Windows 11 with a 300ms window? A real-world DLL hijack + clever API interception exposed CVE-2025-24076 & CVE-2025-24994. Learn how it worked & how to defend. 👇 #Windows11 #CVE #DLLHijacking #Infosec #CyberSecurity https://t.co/41KtQGJurm
@threatsbank
21 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
300 Milliseconds to Admin: Mastering DLL Hijacking and Hooking to Win the Race (CVE-2025-24076 and CVE-2025-24994) : https://t.co/tKnRsUwr4I https://t.co/JVFPyGsLvp
@binitamshah
20 May 2025
3422 Impressions
13 Retweets
48 Likes
33 Bookmarks
0 Replies
0 Quotes
Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994 https://t.co/m3mH19iwWW
@samilaiho
16 Apr 2025
1035 Impressions
4 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
Windowsの権限昇格脆弱性CVE-2025-24076及びCVE-2025-24994について。Compass Security社報告。前者はDLLハイジャック。300ミリ秒しか成立タイミングが無かったため、Opportunistic Lockで実行を止め、DetoursライブラリでGetFileVersionInfoExWをインターセプトし書き換え。 https://t.co/g6kkX8FnAR
@__kokumoto
16 Apr 2025
721 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994 https://t.co/dUlwa4walR
@Dinosn
16 Apr 2025
1635 Impressions
6 Retweets
18 Likes
9 Bookmarks
0 Replies
0 Quotes
3 milliseconds to admin — Our analyst John Ostrowski turned a DLL hijacking into a reliable local privilege escalation on Windows 11. He chained opportunistic locks, and API hooking to win the race to CVE-2025-24076 & CVE-2025-24994. Read his blog post: https://t.co/UfN6cBazI
@compasssecurity
15 Apr 2025
6490 Impressions
38 Retweets
121 Likes
76 Bookmarks
2 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "C8949B3E-5847-42F8-A15A-D7515F0EE305",
"versionEndExcluding": "10.0.22621.5039"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "84D4F97D-3BA2-4B7A-B650-5772DE49CE97",
"versionEndExcluding": "10.0.22621.5039"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "82807292-1736-4453-B805-3D471BF94A35",
"versionEndExcluding": "10.0.22631.5039"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "E19130AD-ECD6-4FC4-B2C8-AB058BDEF928",
"versionEndExcluding": "10.0.22631.5039"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "B7ADF37E-1DD3-4539-8922-1E059955FEF1",
"versionEndExcluding": "10.0.26100.3403"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "E0A74D52-ABC0-4733-B892-F8688B6AEBA7",
"versionEndExcluding": "10.0.26100.3403"
}
],
"operator": "OR"
}
]
}
]