CVE-2025-47978

Published Jul 8, 2025

Last updated 8 months ago

CVSS medium 6.5
Windows Kerberos

Overview

Description
Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.
Source
secure@microsoft.com
NVD status
Analyzed
Products
windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-125

Social media

Hype score
Not currently trending

  1. 🚨 Major flaws hit ServiceNow, Lenovo, and Windows: 🔸 ServiceNow bug (CVE-2025-3648) leaks PII via ACL misconfigs—no login needed 🔸 Lenovo app lets local users hijack DLLs to run code 🔸 Windows Kerberos bug (CVE-2025-47978) can crash domain controllers remotely Fin

    @TheHackersNews

    10 Jul 2025

    64952 Impressions

    37 Retweets

    98 Likes

    23 Bookmarks

    1 Reply

    0 Quotes

Configurations

Related CVEs

  1. Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.CVE-2026-26111
  2. Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.CVE-2026-25190
  3. Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.CVE-2026-25189
  4. Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.CVE-2026-25187
  5. Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.CVE-2026-25188

References

Sources include official advisories and independent security research.