- Description
- Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_11_24h2, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-416
- Hype score
- Not currently trending
Microsoft BFS の脆弱性 CVE-2025-29970 が FIX:解放後メモリ使用脆弱性と権限昇格 https://t.co/LyPRbHTaJv この問題の原因は、Windows アプリケーションを隔離する仕組みを管理する、”bfs.sys”
@iototsecnews
5 Jan 2026
105 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft Patches BFS Driver Bug (CVE-2025-29970) Enabling Local Privilege Escalation Microsoft fixed a use-after-free in the Brokering File System driver (bfs.sys) where BfsCloseStorage can dereference freed memory while cleaning a multi-entry DirectoryBlockList, enabling a
@ThreatSynop
24 Dec 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای درایور (BFS) یا همان Brokering File System در ویندوز ، آسیب پذیری با کد شناسایی CVE-2025-29970 و از نوع privilege escalation منتشر شده است. برای پیشگیری و مقابله به قسمت update ویندو
@AmirHossein_sec
24 Dec 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MicrosoftはWindowsのサンドボックス機能を支える内部ドライバーに存在する深刻な欠陥(CVE-2025-29970)を修正した。隔離環境から権限を昇格できる恐れがあり、企業システムの安全性に影響する問題として注目され
@yousukezan
22 Dec 2025
1755 Impressions
3 Retweets
16 Likes
1 Bookmark
0 Replies
0 Quotes
What better way to get into x'mas vibes than @flyingpassword dropping a BFS n-day (CVE-2025-29970) blog post! (Santa would approve :)) Merry X-mas! https://t.co/Skmuu5rsU1
@pixiepointsec
22 Dec 2025
6085 Impressions
11 Retweets
36 Likes
21 Bookmarks
1 Reply
2 Quotes
🔒 A new vulnerability (CVE-2025-29970) in the Microsoft File System lets attackers escalate their privileges like a game of musical chairs—only the chairs are your data! Time to patch up and secure those systems! #WindowsForum #CyberSecurity #PatchItUp https://t.co/fdoQQ3cJV
@windowsforum
14 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-29970 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. https://t.co/gpBCrlm7f4
@CVEnew
13 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "4448191F-2152-4E7F-8D4A-4EE7ED6657D6",
"versionEndExcluding": "10.0.26100.4061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "7CE8E58A-59AA-4649-8C0F-0DB11A1D1936",
"versionEndExcluding": "10.0.26100.4061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B9B2720-3733-4C50-85F7-156D781D15B8",
"versionEndExcluding": "10.0.25398.1611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE51E4F-FCFF-4DC0-9B76-861EE20D54A4",
"versionEndExcluding": "10.0.26100.4061",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]