AI description
CVE-2025-48799 is an Elevation of Privilege vulnerability in the Windows Update Service. The vulnerability stems from improper link resolution, also known as a 'link following' flaw. If exploited, an attacker with local access could escalate their privileges on a local machine. The vulnerability is due to the Windows Update Service not adequately verifying symbolic links or junctions before accessing files. An attacker could create a symbolic link to a system file, causing the update service to perform actions on that file with elevated permissions.
- Description
- Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-59
- Hype score
- Not currently trending
🚨 Exploiting #CVE-2025-48799: A #Windows Privilege Escalation Vulnerability https://t.co/z2e5NK4SuK Educational Purposes!
@UndercodeUpdate
9 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-48799 Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. https://t.co/ic2ztFX7RR
@CVEnew
9 Jul 2025
212 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-48799 - PoC for an elevation of privilege vulnerability in Windows Update service. This vulnability affects windows clients (win11/win10) with at least 2 hard drives. https://t.co/jwxAkttgyn https://t.co/CqKpCg4v7G
@freedomhack101
9 Jul 2025
123 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
GitHub - Wh04m1001/CVE-2025-48799 https://t.co/qRlOoPyNkS
@akaclandestine
9 Jul 2025
1802 Impressions
5 Retweets
20 Likes
9 Bookmarks
0 Replies
0 Quotes
🚨 New PoC Released | CVE-2025-48799 A local privilege escalation in Windows Update Service! With multiple drives, Storage Sense can redirect app installs via symlink. The wuauserv service deletes target folders, enabling arbitrary file deletion and elevation. PoC & detai
@HackGitToolkit
9 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - Wh04m1001/CVE-2025-48799 - https://t.co/8qZQMlIoKy
@piedpiper1616
9 Jul 2025
4520 Impressions
32 Retweets
82 Likes
24 Bookmarks
0 Replies
0 Quotes
Today MSRC fixed two vulnerabilities I reported a couple months ago. EoP in Windows Update service (affects only windows 11/10 with at least 2 drives) https://t.co/YnCsk1934F EoP in Microsoft PC Manager https://t.co/ssudyvpgDS PoC for CVE-2025-48799: https://t.co/brRVf18DnY
@filip_dragovic
8 Jul 2025
19448 Impressions
80 Retweets
316 Likes
125 Bookmarks
10 Replies
2 Quotes