Skip to main content

Windows 11 22h2 CVE-2025-48803

| EUVDEUVD-2025-20600 MEDIUM
Missing Support for Integrity Check (CWE-353)
2025-07-08 secure@microsoft.com
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
10.0.25398.1732,10.0.10240.21073,10.0.26100.4652
EUVD ID Assigned
Mar 16, 2026 - 04:21 euvd
EUVD-2025-20600
Analysis Generated
Mar 16, 2026 - 04:21 vuln.today
CVE Published
Jul 08, 2025 - 17:15 nvd
MEDIUM 6.7

DescriptionCVE.org

Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

AnalysisAI

A privilege escalation vulnerability (CVSS 6.7) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type: privilege escalation.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-33053 HIGH POC
8.8 Jun 10

Windows Internet Shortcut Files (.url) contain an external control vulnerability (CVE-2025-33053, CVSS 8.8) that enables

CVE-2025-33073 HIGH POC
8.8 Jun 10

Windows SMB contains an improper access control vulnerability (CVE-2025-33073, CVSS 8.8) enabling authenticated attacker

CVE-2025-21293 HIGH POC
8.8 Jan 14

Active Directory Domain Services contains an elevation of privilege vulnerability that allows authenticated domain users

CVE-2025-30397 HIGH POC
7.5 May 13

Microsoft Scripting Engine contains a type confusion vulnerability allowing unauthorized remote code execution over the

CVE-2025-32706 HIGH POC
7.8 May 13

Windows CLFS Driver contains an input validation flaw enabling local privilege escalation, yet another CLFS kernel vulne

CVE-2025-21418 HIGH
7.8 Feb 11

Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow enabling local privilege escalation

CVE-2023-38545 CRITICAL POC
9.8 Oct 18

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. Rated critical severity (CVSS 9.8), thi

CVE-2025-47827 MEDIUM POC
4.6 Jun 05

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptograph

CVE-2025-32701 HIGH
7.8 May 13

Windows Common Log File System Driver contains another use-after-free for local privilege escalation, the latest in a se

CVE-2025-21391 HIGH
7.1 Feb 11

Windows Storage contains an elevation of privilege vulnerability through symlink following that allows authorized attack

CVE-2025-32709 HIGH
7.8 May 13

Windows Ancillary Function Driver for WinSock contains a use-after-free enabling local privilege escalation through a nu

CVE-2025-30400 HIGH
7.8 May 13

Windows Desktop Window Manager (DWM) contains a use-after-free enabling local privilege escalation, exploited in the wil

Share

CVE-2025-48803 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy