AI description
CVE-2025-60703 is a vulnerability in Windows Remote Desktop Services (RDS). It involves an untrusted pointer dereference, which could allow an authorized attacker to elevate their privileges locally on a system. Successful exploitation of CVE-2025-60703 could allow an attacker with local code execution to escalate their privileges to SYSTEM, potentially enabling them to pivot laterally within a network or bypass endpoint isolation controls. Microsoft has assigned a confidence metric to this vulnerability, reflecting their certainty regarding its existence and the credibility of the technical details.
- Description
- Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-822
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
57
CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability https://t.co/uiublrYeLq #CybersecurityTrends #CyberThreats #ITSupport #ManagedServices #MSSP #CyberSecurity #ManagedServices #ThreatResponse #Compliance #SecurityAutomation #MSPCommunity #SecQube
@SecQube
12 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MicrosoftがWindowsのリモートデスクトップサービス(RDS)に重大な脆弱性を公表。認証済みの攻撃者が権限昇格し、SYSTEM権限を奪取できる恐れがある。企業ネットワークでは深刻な内部リスクとなる可能性がある
@yousukezan
12 Nov 2025
97863 Impressions
377 Retweets
921 Likes
340 Bookmarks
1 Reply
25 Quotes