- Description
- Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows DWM Core Library Use-After-Free Vulnerability
- Exploit added on
- May 13, 2025
- Exploit action due
- Jun 3, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-416
- Hype score
- Not currently trending
⚠️ Heads up! CVE-2025-30400 has a knack for privilege escalation—like giving a PC the VIP pass to your data! Don’t let it crash the party; check out the patch guide and keep your system secure! #WindowsForum #SecurityPatch #StaySafe https://t.co/WBANUuhVrL
@windowsforum
12 Aug 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Thread of High and Critical CVEs in 2025 (Until now!) 1/10 🚨 Critical Windows Alert! CVE-2025-30400: Privilege Escalation in Windows DWM Core Library. Actively exploited! Patch now to secure your systems. #CyberSecurity #Windows #CVE https://t.co/VTo2MmcZC8
@xcybersecnews
13 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
About Elevation of Privilege - Microsoft DWM Core Library (CVE-2025-30400) vulnerability. There is currently one GitHub repository with a PoC, but its functionality is highly questionable. 🤔 #DWM #Microsoft #Windows ➡️ https://t.co/i8vGJ4Fj6z https://t.co/732Gnwg7HP
@leonov_av
10 Jun 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
26 May 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
25 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
24 May 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
23 May 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
22 May 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft Patches Five Actively Exploited Zero-Day Vulnerabilities Microsoft’s May 2025 Patch Tuesday addressed 78 security flaws, including five zero-day vulnerabilities (CVE-2025-30397, CVE-2025-30400, CVE-2025-32701, CVE-2025-32706, CVE-2025-32709) under active exploitation
@PTechnology_nfo
22 May 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/WRh4BF2KY6 https://t.co/1rh4OfaBoF
@IT_Peurico
21 May 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
21 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
21 May 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
20 May 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-30400 is a high-severity use-after-free vulnerability in the Windows Desktop Window Manager (DWM) Core Library, which plays a crucial role in rendering the graphical desktop environment. What does this mean for you? https://t.co/SSVRWs0xJT
@Al13203
19 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
19 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
19 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
18 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
17 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/Dq8Qb3AqIK https://t.co/vQHwQpv1jS
@ggrubamn
16 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
16 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
16 May 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/2O9bm9ajQf https://t.co/iRfSNnHrjK
@secured_cyber
15 May 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft Patch Tuesday: 78 Flaws, 5 Zero-Days Exploited! 🔍 28 RCE, 20 EoP bugs fixed 🔐 SAP NetWeaver critical flaw (CVE-2025-42999) patched Patch NOW: ✅ CVE-2025-30400 (Win DWM Core) ✅ CVE-2025-29813 (Azure, CVSS 10.0) 🛡️ Protect your systems #PatchTuesday #
@CyberWolfGuard
15 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/oCqgFJSpID https://t.co/to0H1eqA5i
@PintoriAlice
15 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
15 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Windows DWMの脆弱性CVE-2025-30400がゼロデイ悪用されている。5月の定例更新での修正。CVSSスコア7.8で、ローカル権限昇格が可能な解放後メモリ使用。 https://t.co/VGnkTLb3XK
@__kokumoto
14 May 2025
789 Impressions
1 Retweet
5 Likes
1 Bookmark
0 Replies
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/fVLEHRDIAv https://t.co/nNKlRk6IFJ
@Art_Capella
14 May 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ujawniono pięć aktywnie wykorzystywanych luk zero-day w systemie Windows 💣 CVE-2025-30397 – zdalne wykonanie kodu przez przeglądarkę (RCE) 💣 CVE-2025-32701 i CVE-2025-32706 – podniesienie uprawnień w CLFS 💣 CVE-2025-30400 – podniesienie uprawnień w D
@Sekurak
14 May 2025
4227 Impressions
6 Retweets
40 Likes
8 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
14 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/51odky3E8b https://t.co/xMMH7BdTJT
@Trej0Jass
14 May 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-30400
@transilienceai
14 May 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
米国CISAが悪用を確認した脆弱性 #KEV をカタログに追加しました。 🛡️No.1337 CVE-2025-30400 Microsoft Windows DWM Core Library Use-After-Free Vulnerability ============= CVSSスコア:7.8 (Base) / Microsoft Corporation CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:
@piyokango
14 May 2025
3968 Impressions
3 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) https://t.co/ymqJiQPblS https://t.co/UWmtTifko4
@dansantanna
14 May 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-30400 Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. https://t.co/1qd8RW11My
@CVEnew
13 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "63199B82-79B6-461A-AC6D-CD1EE5EBCC80",
"versionEndExcluding": "10.0.17763.7314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "C7D99F6B-B97B-4010-AA5C-84E9FE50D860",
"versionEndExcluding": "10.0.17763.7314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87D3BE2A-EF7B-4653-AE64-9F8FE0E12223",
"versionEndExcluding": "10.0.19044.5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F95690D-5720-4ACD-A378-BC3040E42AF2",
"versionEndExcluding": "10.0.19045.5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9929270C-5F72-40B8-B36B-073E6D1B00B6",
"versionEndExcluding": "10.0.22621.5335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "894FA410-3F24-45CB-B347-3F839CBA8DD8",
"versionEndExcluding": "10.0.22631.5335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "644E96C3-1EA7-48E2-B800-C6ADA2D65FCD",
"versionEndExcluding": "10.0.26100.4061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B47EE2B-4081-4D43-8AF7-C8EB11852312",
"versionEndExcluding": "10.0.17763.7314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76679D4E-C4EF-4EED-BCDE-79F5AF859576",
"versionEndExcluding": "10.0.20348.3692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B9B2720-3733-4C50-85F7-156D781D15B8",
"versionEndExcluding": "10.0.25398.1611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE51E4F-FCFF-4DC0-9B76-861EE20D54A4",
"versionEndExcluding": "10.0.26100.4061",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]