Which versions of Windows are affected by CVE-2025-24804?

CVE-2025-24804 presents moderate security risk rated CVSS 4.8. Exploitation could compromise the security of affected deployments. Proof-of-concept code is publicly available.. A patch is available.

Is there a public PoC exploit available for CVE-2025-24804?

Yes, a public proof-of-concept exploit is available for CVE-2025-24804. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-24804?

During next maintenance window: Identify affected systems and apply vendor patches when convenient. Vendor patch is available.

Windows CVE-2025-24804

Q: What is the CVSS score of CVE-2025-24804?

CVE-2025-24804 has a CVSS 4.0 base score of 4.8 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

MEDIUM

Improper Validation of Specified Type of Input (CWE-1287)

2025-02-05 security-advisories@github.com

Windows Information Disclosure Google Apple Microsoft Android Mobile Security Framework

4.8

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:25 vuln.today

Patch released

Mar 28, 2026 - 18:25 nvd

Patch available

PoC Detected

May 23, 2025 - 17:18 vuln.today

Public exploit code

CVE Published

Feb 05, 2025 - 19:15 nvd

MEDIUM 4.8

DescriptionNVD

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters (A-Z, a-z, and 0-9), hyphens (-), and periods (.). However, an attacker can manually modify this value in the Info.plist file and add special characters to the <key>CFBundleIdentifier</key> value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

AnalysisAI

Technical ContextAI

This vulnerability is classified under CWE-1287. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters (A-Z, a-z, and 0-9), hyphens (-), and periods (.). However, an attacker can manually modify this value in the Info.plist file and add special characters to the <key>CFBundleIdentifier</key> value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. Affected products include: Opensecurity Mobile Security Framework. Version information: version 4.3.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.