Skip to main content

Autoupdate

8 CVEs product

Monthly

CVE-2025-55317 HIGH This Month

Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47968 HIGH PATCH This Week

CVE-2025-47968 is an improper input validation vulnerability in Microsoft AutoUpdate (MAU) that allows a locally authenticated attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (High), indicating significant impact with confidentiality, integrity, and availability compromise. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the local attack vector with low complexity and low privilege requirement suggests elevated real-world risk for multi-user or shared systems.

Microsoft Apple Privilege Escalation Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2025-29801 HIGH This Week

Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-29800 HIGH This Week

Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-24036 HIGH PATCH This Week

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Autoupdate
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-21360 HIGH PATCH This Month

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-43492 HIGH PATCH This Week

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Autoupdate
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-0984 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Autoupdate
NVD
CVSS 3.1
7.8
EPSS
1.0%
EPSS 0% CVSS 7.8
HIGH This Month

Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Autoupdate
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

CVE-2025-47968 is an improper input validation vulnerability in Microsoft AutoUpdate (MAU) that allows a locally authenticated attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (High), indicating significant impact with confidentiality, integrity, and availability compromise. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the local attack vector with low complexity and low privilege requirement suggests elevated real-world risk for multi-user or shared systems.

Microsoft Apple Privilege Escalation +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Autoupdate
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Autoupdate
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Autoupdate
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Autoupdate
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Autoupdate
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Autoupdate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy