Report Name: Microsoft Patch Tuesday, September 2025Generated: 2025-09-11 18:41:01
| Product Name | Prevalence | U | C | H | M | L | A | Comment |
|---|---|---|---|---|---|---|---|---|
| Windows Kernel | 0.9 | 1 | 1 | Windows Kernel | ||||
| Windows NTLM | 0.9 | 1 | 1 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | ||||
| Windows SMB Client | 0.9 | 1 | 1 | Windows component | ||||
| Windows TCP/IP Driver | 0.9 | 1 | 1 | A kernel mode driver | ||||
| Chromium | 0.8 | 4 | 7 | 11 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |||
| DirectX Graphics Kernel | 0.8 | 1 | 1 | DirectX Graphics Kernel | ||||
| Microsoft DWM Core Library | 0.8 | 1 | 1 | Windows component | ||||
| Microsoft Edge | 0.8 | 1 | 1 | Web browser | ||||
| Microsoft Office | 0.8 | 2 | 2 | Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer | ||||
| Windows Ancillary Function Driver for WinSock | 0.8 | 1 | 1 | Windows component | ||||
| Windows BitLocker | 0.8 | 2 | 2 | Windows component | ||||
| Windows Bluetooth Service | 0.8 | 1 | 1 | Windows component | ||||
| Windows Certificate | 0.8 | 1 | 1 | Windows component | ||||
| Windows Connected Devices Platform Service | 0.8 | 1 | 1 | Windows component | ||||
| Windows Connected Devices Platform Service (Cdpsvc) | 0.8 | 1 | 1 | Windows component | ||||
| Windows Defender Firewall Service | 0.8 | 6 | 6 | Windows component | ||||
| Windows Graphics Component | 0.8 | 2 | 2 | 4 | Windows component | |||
| Windows Imaging Component | 0.8 | 1 | 1 | Windows component | ||||
| Windows Kernel Memory | 0.8 | 1 | 1 | Windows component | ||||
| Windows Kernel-Mode Driver | 0.8 | 1 | 1 | Windows component | ||||
| Windows MBT Transport Driver | 0.8 | 1 | 1 | Windows component | ||||
| Windows Management Service | 0.8 | 1 | 1 | Windows component | ||||
| Windows MultiPoint Services | 0.8 | 1 | 1 | Windows component | ||||
| Windows NTFS | 0.8 | 1 | 1 | The default file system of the Windows NT family | ||||
| Windows Routing and Remote Access Service (RRAS) | 0.8 | 2 | 8 | 10 | Windows component | |||
| Windows SMB | 0.8 | 1 | 1 | Windows component | ||||
| Windows Storage-based Management Service | 0.8 | 1 | 1 | Windows component | ||||
| Windows UI XAML Maps MapControlSettings | 0.8 | 1 | 1 | Windows component | ||||
| Windows UI XAML Phone DatePickerFlyout | 0.8 | 1 | 1 | Windows component | ||||
| Microsoft SharePoint | 0.7 | 1 | 1 | Microsoft SharePoint | ||||
| Newtonsoft.Json | 0.7 | 1 | 1 | Newtonsoft.Json (also known as Json.NET) is a popular high-performance JSON framework for .NET, providing easy-to-use APIs for serializing, deserializing, and manipulating JSON data with extensive flexibility and configurability. | ||||
| Microsoft Excel | 0.6 | 8 | 8 | MS Office product | ||||
| Microsoft Office Visio | 0.6 | 1 | 1 | Microsoft Visio | ||||
| Microsoft PowerPoint | 0.6 | 1 | 1 | Microsoft PowerPoint | ||||
| Microsoft Word | 0.6 | 1 | 1 | Microsoft Word is a widely used commercial word processor developed by Microsoft. It is a component of the Microsoft Office suite of productivity software but can also be purchased as a standalone product. | ||||
| Windows Hyper-V | 0.6 | 5 | 5 | Hardware virtualization component of the client editions of Windows NT | ||||
| Azure Arc | 0.5 | 1 | 1 | Azure Arc | ||||
| Azure Bot Service | 0.5 | 1 | 1 | Azure Bot Service | ||||
| Azure Connected Machine Agent | 0.5 | 1 | 1 | Azure Connected Machine Agent | ||||
| Azure Databricks | 0.5 | 1 | 1 | Azure Databricks | ||||
| Azure Entra | 0.5 | 1 | 1 | Azure Entra | ||||
| Azure Networking | 0.5 | 1 | 1 | Azure Networking | ||||
| Capability Access Management Service (camsvc) | 0.5 | 1 | 1 | Capability Access Management Service (camsvc) | ||||
| Dynamics 365 FastTrack Implementation Assets | 0.5 | 1 | 1 | Dynamics 365 FastTrack Implementation Assets | ||||
| Graphics Kernel | 0.5 | 2 | 2 | Graphics Kernel | ||||
| HTTP.sys | 0.5 | 1 | 1 | HTTP.sys | ||||
| Local Security Authority Subsystem Service | 0.5 | 1 | 1 | Local Security Authority Subsystem Service | ||||
| Local Security Authority Subsystem Service (LSASS) | 0.5 | 1 | 1 | Local Security Authority Subsystem Service (LSASS) | ||||
| MapUrlToZone | 0.5 | 2 | 2 | MapUrlToZone | ||||
| Microsoft AutoUpdate (MAU) | 0.5 | 1 | 1 | Microsoft AutoUpdate (MAU) | ||||
| Microsoft Brokering File System | 0.5 | 1 | 1 | Microsoft Brokering File System | ||||
| Microsoft High Performance Compute (HPC) Pack | 0.5 | 1 | 1 | Microsoft High Performance Compute (HPC) Pack | ||||
| Microsoft OfficePlus | 0.5 | 1 | 1 | Microsoft OfficePlus | ||||
| Microsoft PC Manager | 0.5 | 1 | 1 | Microsoft PC Manager | ||||
| Microsoft SQL Server | 0.5 | 2 | 2 | Microsoft SQL Server | ||||
| Microsoft Virtual Hard Disk | 0.5 | 1 | 1 | The Virtual Hard Disk (VHD) format is a publicly-available image format specification that allows encapsulation of the hard disk into an individual file. | ||||
| PowerShell Direct | 0.5 | 1 | 1 | PowerShell Direct | ||||
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism | 0.5 | 1 | 1 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism | ||||
| Xbox Certification Bug Copilot Djando | 0.5 | 1 | 1 | Xbox Certification Bug Copilot Djando | ||||
| Xbox Gaming Services | 0.5 | 1 | 1 | Xbox Gaming Services |
| Vulnerability Type | Criticality | U | C | H | M | L | A |
|---|---|---|---|---|---|---|---|
| Remote Code Execution | 1.0 | 12 | 14 | 26 | |||
| Authentication Bypass | 0.98 | 1 | 1 | ||||
| Security Feature Bypass | 0.9 | 1 | 3 | 4 | |||
| Elevation of Privilege | 0.85 | 3 | 41 | 44 | |||
| Information Disclosure | 0.83 | 16 | 16 | ||||
| Denial of Service | 0.7 | 1 | 3 | 4 | |||
| Memory Corruption | 0.5 | 4 | 4 | ||||
| Spoofing | 0.4 | 4 | 4 |
| Source | U | C | H | M | L | A |
|---|---|---|---|---|---|---|
| MS PT Extended | 6 | 16 | 22 | |||
| Qualys | 1 | 9 | 27 | 37 | ||
| Tenable | 4 | 6 | 10 | |||
| Rapid7 | 1 | 1 | 2 | 4 | ||
| ZDI | 2 | 1 | 3 |
1. 
Denial of Service - Newtonsoft.Json (CVE-2024-21907) - Critical [634]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 1.0 | 17 | The existence of a publicly available exploit is mentioned on NVD:PublicExploit:security.snyk.io website | |
| 0.7 | 15 | Denial of Service | |
| 0.7 | 14 | Newtonsoft.Json (also known as Json.NET) is a popular high-performance JSON framework for .NET, providing easy-to-use APIs for serializing, deserializing, and manipulating JSON data with extensive flexibility and configurability. | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to NVD data source | |
| 0.8 | 10 | EPSS Probability is 0.01942, EPSS Percentile is 0.8272 |
Qualys: VulnCheck: CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json Microsoft has fixed a previously known vulnerability in Newtonsoft.Json, which is included as part of Microsoft SQL Server. Microsoft mentioned in the advisory, “CVE-2024-21907 addresses a mishandling of exceptional conditions vulnerability in Newtonsoft.Json before version 13.0.1. Crafted data passed to JsonConvert.The DeserializeObject method may trigger a Stack Overflow exception, resulting in denial of service. Depending on the usage of the library, an unauthenticated remote attacker may cause a denial of service condition.”
Rapid7: What happens if you ask SQL Server to deserialize a JSON object with thousands of levels of nested objects? If you guessed denial of service, then you are good at guessing, because that’s what CVE-2024-21907 describes. As zero-day vulnerabilities go, it doesn’t seem particularly terrifying, since presumably the worst an attacker can do is knock down a service, which can then be picked up again. Of course, that’s all relative, since some SQL Server instances are doing very important work: think hospitals, airports, and other critical infrastructure. Taking a step back: if an unauthenticated attacker can send arbitrary queries directly into your SQL Server instances, then that’s already a broader security architecture issue.
Rapid7: Perhaps the most interesting thing about CVE-2024-21907 is its long and convoluted history. The underlying defect is not in SQL Server, but in Newtonsoft.Json, which is the de facto standard for handling JSON in .NET applications, including SQL Server and many other products. Versions of Newtonsoft.Json prior to 13.0.1 are vulnerable, and this isn’t new information; CVE-2024-21907 was originally made public on 2024-01-03 with some help from VulnCheck, so Microsoft is playing catch-up here. The underlying defect has been public knowledge for way longer than that, however, since Aleph Security first flagged it up way back in 2018 without attaching a CVE number. It remains unclear why Microsoft chose to address this now, but better late than never.
2. 
Elevation of Privilege - Azure Networking (CVE-2025-54914) - High [592]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 1.0 | 17 | The existence of a publicly available exploit is mentioned on Vulners:PublicExploit:GitHub:MRK336:AZURE-NETWORKING-PRIVILEGE-ESCALATION-EXPLOIT-CVE-2025-54914 website | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Networking | |
| 1.0 | 10 | CVSS Base Score is 10.0. According to Microsoft data source | |
| 0.3 | 10 | EPSS Probability is 0.00089, EPSS Percentile is 0.26195 |
MS PT Extended: CVE-2025-54914 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: CVE-2025-54914: Azure Networking Elevation of Privilege Vulnerability Upon successful exploitation, an attacker could elevate privileges.
Rapid7: It’s not every day that we see a perfect(?) 10.0 CVSS v3 base score, but CVE-2025-54914 is one such rare beast, thanks to the seldom-seen scope change described by the CVSS v3 vector. However, that’s all we get; the aggressively minimalist advisory fails to explain the nature of the vulnerability in any way at all. Mercifully, the advisory does pour a little oil on its own troubled waters by clarifying that this is a cloud service vulnerability, Microsoft has already fixed it, and there is no action to be taken by users of the service. Other reasons to consider not panicking: the Acknowledgements section lists only Microsoft researchers, so we can hope that no one else knows enough to do any damage. For anyone wondering which cloud service was impacted, the answer is Azure Networking, which is probably only important if your cloud assets ever need to communicate with anything at all.
3. 
Remote Code Execution - Chromium (CVE-2025-8880) - High [454]
Description: Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.3 | 10 | EPSS Probability is 0.00086, EPSS Percentile is 0.25716 |
MS PT Extended: CVE-2025-8880 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
4. Remote Code Execution - Chromium (CVE-2025-8901) - High [454]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.3 | 10 | EPSS Probability is 0.00101, EPSS Percentile is 0.28509 |
MS PT Extended: CVE-2025-8901 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
5. Remote Code Execution - Chromium (CVE-2025-9132) - High [442]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.2 | 10 | EPSS Probability is 0.00066, EPSS Percentile is 0.20737 |
MS PT Extended: CVE-2025-9132 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
6. Remote Code Execution - Windows Storage-based Management Service (CVE-2025-55231) - High [430]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to Microsoft data source | |
| 0.2 | 10 | EPSS Probability is 0.00054, EPSS Percentile is 0.1669 |
MS PT Extended: CVE-2025-55231 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
7. Remote Code Execution - Windows Routing and Remote Access Service (RRAS) (CVE-2025-54106) - High [419]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
8. Remote Code Execution - Windows Routing and Remote Access Service (RRAS) (CVE-2025-54113) - High [419]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
9. 
Security Feature Bypass - Chromium (CVE-2025-9866) - High [413]
Description: Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.1 | 10 | EPSS Probability is 0.00046, EPSS Percentile is 0.13519 |
MS PT Extended: CVE-2025-9866 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
10. Elevation of Privilege - Windows Kernel (CVE-2025-54110) - High [408]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
11. Elevation of Privilege - Windows NTLM (CVE-2025-54918) - High [408]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.9 | 14 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability An improper authentication flaw in Windows NTLM may allow an authenticated attacker to elevate privileges over a network. Upon successful exploitation, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54918 | Windows NTLM Elevation of Privilege Vulnerability
Tenable: CVE-2025-54918 is an EoP vulnerability in Windows New Technology LAN Manager (NTLM). It was assigned a CVSSv3 score of 8.8 and is rated critical. It was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. According to the advisory, successful exploitation would allow an attacker to elevate their privileges to SYSTEM.
ZDI: CVE-2025-54918 - Windows NTLM Elevation of Privilege Vulnerability. This privilege escalation allows an authenticated threat actor to escalate to SYSTEM on affected systems over the network. While not a scope change, going from a standard Windows user to SYSTEM is handy. Microsoft also notes that exploit complexity is low, so expect to see threat actors target this one. Definitely test and deploy this update quickly.
12. Remote Code Execution - Microsoft Office (CVE-2025-54906) - High [407]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
13. Remote Code Execution - Microsoft Office (CVE-2025-54910) - High [407]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer | |
| 0.8 | 10 | CVSS Base Score is 8.4. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-54910: Microsoft Office Remote Code Execution Vulnerability A heap-based buffer overflow flaw in Microsoft Office may allow an unauthenticated attacker to achieve remote code execution.
Tenable: CVE-2025-54910 | Microsoft Office Remote Code Execution Vulnerability
Tenable: CVE-2025-54910 is a RCE in Microsoft Office. It was assigned a CVSSv3 score of 8.4 and is rated critical and assessed as “Exploitation Less Likely.” An attacker could exploit this vulnerability by convincing a target to open a specially crafted Office document. Additionally, the advisory notes that exploitation is possible through Microsoft Outlook’s Preview Pane. Successful exploitation would grant the attacker RCE privileges on the target system. For users of Microsoft Office LTSC for Mac 2021 and 2024, the advisory states that updates are not yet available, but will be released soon.
ZDI: CVE-2025-54910- Microsoft Office Remote Code Execution Vulnerability. This is now the eighth month in a row where at least one Office component allowed code execution through the Preview Pane. It would be nice is Microsoft could consolidate some of these fixes rather than dragging them out month after month, but I doubt that will happen. I’m getting very close to recommending disabling the Preview Pane for a bit while Microsoft sorts this out.
14. Remote Code Execution - Windows Graphics Component (CVE-2025-54919) - High [407]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
15. Remote Code Execution - Windows Graphics Component (CVE-2025-55228) - High [407]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55228: Windows Graphics Component Remote Code Execution Vulnerability An attacker must win a race condition to exploit the vulnerability. Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
16. Remote Code Execution - Windows NTFS (CVE-2025-54916) - High [407]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | The default file system of the Windows NT family | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54916 | Windows NTFS Remote Code Execution Vulnerability
Tenable: CVE-2025-54916 is a RCE in Microsoft Windows New Technology File System (NTFS). It was assigned a CVSSv3 score of 7.8 and is rated important and assessed as “Exploitation More Likely.” An attacker that successfully exploits this flaw would gain RCE on the targeted system. According to the advisory, any authenticated attacker could leverage this vulnerability.
17. Remote Code Execution - Microsoft SharePoint (CVE-2025-54897) - High [402]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Tenable: CVE-2025-54897 | Microsoft SharePoint Remote Code Execution Vulnerability
Tenable: CVE-2025-54897 is a RCE vulnerability in Microsoft SharePoint. It was assigned a CVSSv3 score of 8.8 and is rated important and assessed as “Exploitation Less Likely.” In order to exploit this flaw, an attacker would need to be authenticated as any user and privileged accounts, such as admin or other elevated privileges are not necessary to exploit this flaw. Once authenticated, an attacker could either write arbitrary code or use code injection to execute code on a vulnerable SharePoint Server to gain RCE.
18. Elevation of Privilege - Windows MBT Transport Driver (CVE-2025-55230) - Medium [392]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0.1 | 10 | EPSS Probability is 0.00049, EPSS Percentile is 0.14811 |
MS PT Extended: CVE-2025-55230 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
19. Elevation of Privilege - Windows SMB (CVE-2025-55234) - Medium [392]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55234: Windows SMB Elevation of Privilege Vulnerability An improper authentication flaw in the Windows SMB may allow an authenticated attacker to elevate network privileges. Upon successful exploitation of the vulnerability, an attacker could gain administrator privileges.
Tenable: Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)
Tenable: CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability
Tenable: CVE-2025-55234 is an EoP vulnerability affecting Windows Server Message Block (SMB). It was assigned a CVSSv3 score of 8.8 and rated as important. Successful exploitation would allow an unauthenticated attacker to elevate their privileges to that of the compromised user's account. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available.
Tenable: CVE-2025-55234 appears to have been released to help customers audit and assess their environment and identify incompatibility issues prior to utilizing some of the hardening capabilities for SMB Servers.
Tenable: CVE-2025-55234 is the fifth Windows SMB vulnerability patched in 2025 and the third Windows SMB EoP disclosed this year. In the June 2025 Patch Tuesday release, Microsoft patched CVE-2025-33073, another publicly disclosed Windows SMB EoP vulnerability. A day after the June 2025 Patch Tuesday release, researchers from RedTeam Pentesting GmbH, one of many researchers credited with reporting the flaw to Microsoft, released a blog post detailing the vulnerability, including proof-of-concept details.
Rapid7: How’s your SMB server configuration? Is it fully hardened, with SMB server signing and Extended Protection for Authentication enabled? If not, then CVE-2025-55234 set out clearly why you should be worrying about SMB Server relay attacks, where an attacker pretends to be a legitimate server using ARP spoofing, DNS poisoning, or some other suitable trickery. Any pen testers or threat actors reading this will no doubt be thinking of the popular OSS tool Responder, which streamlines exactly this sort of attack. Options for attackers include credential relaying (which is mitigated by SMB signing), as well as offline cracking of the hash to reveal the password.
Rapid7: The key takeaway from the CVE-2025-55234 advisory, other than the explanation of the well-known attack surface around SMB authentication, is that this is one of those times where simply patching isn’t enough; in fact, the patches provide administrators with more auditing options to determine whether their SMB Server is interacting with clients that won’t support the recommended hardening options. Other Microsoft server products (e.g. Exchange) offer a similar tough choice: lock out less capable clients, or leave your server in a state which permits relay attacks. None of the attack techniques covered are new, so this isn’t really a zero-day vulnerability, except inasmuch as it was published today, and describes an attack which is already publicly disclosed.
20. 
Authentication Bypass - Chromium (CVE-2025-8881) - Medium [391]
Description: Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.98 | 15 | Authentication Bypass | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to NVD data source | |
| 0.0 | 10 | EPSS Probability is 0.00016, EPSS Percentile is 0.0253 |
MS PT Extended: CVE-2025-8881 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
21. Elevation of Privilege - Azure Databricks (CVE-2025-53763) - Medium [389]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Databricks | |
| 1.0 | 10 | CVSS Base Score is 9.8. According to Microsoft data source | |
| 0.3 | 10 | EPSS Probability is 0.00084, EPSS Percentile is 0.25412 |
MS PT Extended: CVE-2025-53763 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
22. Remote Code Execution - Windows SMB Client (CVE-2025-54101) - Medium [388]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.5 | 10 | CVSS Base Score is 4.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
23. Elevation of Privilege - Windows TCP/IP Driver (CVE-2025-54093) - Medium [385]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.9 | 14 | A kernel mode driver | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
24. Elevation of Privilege - Microsoft DWM Core Library (CVE-2025-53801) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
25. Elevation of Privilege - Windows BitLocker (CVE-2025-54912) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
26. Elevation of Privilege - Windows Connected Devices Platform Service (CVE-2025-54102) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
27. Elevation of Privilege - Windows Graphics Component (CVE-2025-53800) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-53800: Windows Graphics Component Elevation of Privilege Vulnerability Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
28. Elevation of Privilege - Windows UI XAML Maps MapControlSettings (CVE-2025-54913) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
29. Elevation of Privilege - Windows UI XAML Phone DatePickerFlyout (CVE-2025-54111) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
30. Remote Code Execution - Microsoft High Performance Compute (HPC) Pack (CVE-2025-55232) - Medium [380]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft High Performance Compute (HPC) Pack | |
| 1.0 | 10 | CVSS Base Score is 9.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55232: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability This vulnerability has a CVSS: 3.1 9.8 / 8.5 Policy Compliance Control IDs (CIDs): 18707 List of ‘Inbound Rules’ configured in Windows Firewall via Firewall Application 18731 List of ‘Outbound Rules’ configured in Windows Firewall via Firewall Application The following QQL will return a posture assessment for the CIDs for this Patch Tuesday: control.id: [18707, 18731] The next Patch Tuesday falls on October 14, and we will be back with details and patch analysis. Until next Patch Tuesday, stay safe and secure. Be sure to subscribe to ‘This Month in Vulnerabilities and Patch’s webinar.’
Rapid7: Azure High Performance Computer (HPC) admins should pay close attention to CVE-2025-55232, a critical unauthenticated RCE exploitable over the network. The advisory sets out the pre-requisites for the actual patch, and also hints that appropriate firewall rules should be in place, especially for TCP port 5999. The advisory doesn’t describe exactly what those firewall rules should look like or what they’re protecting, but port 5999 is the default port for the HpcScheduler, which orchestrates HPC jobs, resource management, and cluster communication.
ZDI: CVE-2025-55232 - Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability. This is the highest severity bug by CVSS (9.8) for this month, and it certainly earns it. A remote, unauthenticated attacker could gain code execution on affected systems without user interaction, which makes this potentially wormable between systems with the HPC pack installed. Microsoft recommends ensuring HPC Pack clusters are only deployed in secure enclaves. They also recommend blocking TCP port 5999. If you use HPC Pack clusters, definitely put this on the top of your patching list.
31. Remote Code Execution - Microsoft Excel (CVE-2025-54896) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
32. Remote Code Execution - Microsoft Excel (CVE-2025-54898) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
33. Remote Code Execution - Microsoft Excel (CVE-2025-54899) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
34. Remote Code Execution - Microsoft Excel (CVE-2025-54900) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
35. Remote Code Execution - Microsoft Excel (CVE-2025-54902) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
36. Remote Code Execution - Microsoft Excel (CVE-2025-54903) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
37. Remote Code Execution - Microsoft Excel (CVE-2025-54904) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
38. Remote Code Execution - Microsoft Office Visio (CVE-2025-54907) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
39. Remote Code Execution - Microsoft PowerPoint (CVE-2025-54908) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft PowerPoint | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
40. Remote Code Execution - Windows Hyper-V (CVE-2025-55224) - Medium [373]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55224: Windows Hyper-V Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Tenable: CVE-2025-55224 | Windows Hyper-V Remote Code Execution Vulnerability
Tenable: CVE-2025-55224 is a RCE in Windows Hyper-V. It was assigned a CVSSv3 score of 7.8, rated as critical and assessed as “Exploitation Less Likely.” According to the advisory, an attacker who is able to win a race condition could traverse from the guest hosts security boundary in order to execute arbitrary code on the Hyper-V host machine. While the attack complexity for this vulnerability is high, the impact would be significant for an attacker who is able to successfully exploit this vulnerability.
41. Elevation of Privilege - DirectX Graphics Kernel (CVE-2025-55223) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | DirectX Graphics Kernel | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
42. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2025-54099) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
43. Elevation of Privilege - Windows BitLocker (CVE-2025-54911) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.3. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
44. Elevation of Privilege - Windows Bluetooth Service (CVE-2025-53802) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
45. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-53808) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
46. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-53810) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
47. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-54094) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
48. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-54104) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
49. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-54109) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
50. Elevation of Privilege - Windows Defender Firewall Service (CVE-2025-54915) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
51. Elevation of Privilege - Windows Graphics Component (CVE-2025-53807) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
52. Elevation of Privilege - Windows Management Service (CVE-2025-54103) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.4. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
53. Elevation of Privilege - Windows MultiPoint Services (CVE-2025-54116) - Medium [368]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.3. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
54. Elevation of Privilege - Azure Bot Service (CVE-2025-55244) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Bot Service | |
| 0.9 | 10 | CVSS Base Score is 9.0. According to Microsoft data source | |
| 0.2 | 10 | EPSS Probability is 0.00081, EPSS Percentile is 0.24677 |
MS PT Extended: CVE-2025-55244 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
55. Elevation of Privilege - Azure Entra (CVE-2025-55241) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Entra | |
| 0.9 | 10 | CVSS Base Score is 9.0. According to Microsoft data source | |
| 0.2 | 10 | EPSS Probability is 0.00081, EPSS Percentile is 0.24677 |
MS PT Extended: CVE-2025-55241 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
56. Elevation of Privilege - Microsoft PC Manager (CVE-2025-53795) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Microsoft PC Manager | |
| 0.9 | 10 | CVSS Base Score is 9.1. According to Microsoft data source | |
| 0.2 | 10 | EPSS Probability is 0.00065, EPSS Percentile is 0.20576 |
MS PT Extended: CVE-2025-53795 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
57. 
Memory Corruption - Chromium (CVE-2025-8882) - Medium [365]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.5 | 15 | Memory Corruption | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.3 | 10 | EPSS Probability is 0.00109, EPSS Percentile is 0.29886 |
MS PT Extended: CVE-2025-8882 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
58. Memory Corruption - Chromium (CVE-2025-9478) - Medium [365]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.5 | 15 | Memory Corruption | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.3 | 10 | EPSS Probability is 0.00109, EPSS Percentile is 0.29886 |
MS PT Extended: CVE-2025-9478 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
59. Memory Corruption - Chromium (CVE-2025-9864) - Medium [365]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.5 | 15 | Memory Corruption | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.3 | 10 | EPSS Probability is 0.00109, EPSS Percentile is 0.29886 |
MS PT Extended: CVE-2025-9864 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
60. Security Feature Bypass - Microsoft Edge (CVE-2025-53791) - Medium [365]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.5 | 10 | CVSS Base Score is 4.7. According to Microsoft data source | |
| 0.1 | 10 | EPSS Probability is 0.0005, EPSS Percentile is 0.14924 |
MS PT Extended: CVE-2025-53791 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
61. 
Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-53796) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
62. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-53797) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
63. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-53798) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
64. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-53806) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
65. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-54095) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
66. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-54096) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
67. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-54097) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
68. Information Disclosure - Windows Routing and Remote Access Service (RRAS) (CVE-2025-55225) - Medium [364]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
69. Information Disclosure - Dynamics 365 FastTrack Implementation Assets (CVE-2025-55238) - Medium [362]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.5 | 14 | Dynamics 365 FastTrack Implementation Assets | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to Microsoft data source | |
| 0.3 | 10 | EPSS Probability is 0.00092, EPSS Percentile is 0.26853 |
MS PT Extended: CVE-2025-55238 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
70. Memory Corruption - Chromium (CVE-2025-8879) - Medium [353]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.5 | 15 | Memory Corruption | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to NVD data source | |
| 0.2 | 10 | EPSS Probability is 0.00074, EPSS Percentile is 0.22894 |
MS PT Extended: CVE-2025-8879 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
71. Information Disclosure - Windows Imaging Component (CVE-2025-53799) - Medium [352]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | CVSS Base Score is 5.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-53799: Windows Imaging Component Information Disclosure Vulnerability Use of an uninitialized resource in the Windows Imaging Component may allow an unauthenticated attacker to disclose information locally. Upon successful exploitation, an attacker could read small portions of heap memory.
72. Information Disclosure - Windows Kernel Memory (CVE-2025-53803) - Medium [352]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | CVSS Base Score is 5.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
73. Information Disclosure - Windows Kernel-Mode Driver (CVE-2025-53804) - Medium [352]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | CVSS Base Score is 5.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
74. Information Disclosure - Xbox Certification Bug Copilot Djando (CVE-2025-55242) - Medium [350]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.5 | 14 | Xbox Certification Bug Copilot Djando | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0.3 | 10 | EPSS Probability is 0.00103, EPSS Percentile is 0.28763 |
MS PT Extended: CVE-2025-55242 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
75. Elevation of Privilege - Windows Hyper-V (CVE-2025-54091) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerabilities
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
76. Elevation of Privilege - Windows Hyper-V (CVE-2025-54092) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerabilities
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
77. Elevation of Privilege - Windows Hyper-V (CVE-2025-54098) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerabilities
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
78. Remote Code Execution - Graphics Kernel (CVE-2025-55226) - Medium [345]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Graphics Kernel | |
| 0.7 | 10 | CVSS Base Score is 6.7. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55226: Graphics Kernel Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
79. Remote Code Execution - Graphics Kernel (CVE-2025-55236) - Medium [345]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Graphics Kernel | |
| 0.7 | 10 | CVSS Base Score is 7.3. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: CVE-2025-55236: DirectX Graphics Kernel Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
80. Elevation of Privilege - Microsoft SQL Server (CVE-2025-55227) - Medium [342]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Microsoft SQL Server | |
| 0.9 | 10 | CVSS Base Score is 8.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
81. Denial of Service - Windows Connected Devices Platform Service (Cdpsvc) (CVE-2025-54114) - Medium [341]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
82. Elevation of Privilege - Windows Hyper-V (CVE-2025-54115) - Medium [335]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.6 | 14 | Hardware virtualization component of the client editions of Windows NT | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerabilities
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
Tenable: A local, authenticated attacker could exploit these vulnerabilities to elevate to SYSTEM privileges, though in order to exploit CVE-2025-54115, an attacker would first need to win a race condition, which is what contributed to its lower CVSS score.
83. Information Disclosure - Microsoft Word (CVE-2025-54905) - Medium [331]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.6 | 14 | Microsoft Word is a widely used commercial word processor developed by Microsoft. It is a component of the Microsoft Office suite of productivity software but can also be purchased as a standalone product. | |
| 0.7 | 10 | CVSS Base Score is 7.1. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
84. Elevation of Privilege - Azure Arc (CVE-2025-55316) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Arc | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
85. Elevation of Privilege - Azure Connected Machine Agent (CVE-2025-49692) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Connected Machine Agent | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
86. Elevation of Privilege - Local Security Authority Subsystem Service (CVE-2025-54894) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Local Security Authority Subsystem Service | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
87. Elevation of Privilege - Microsoft AutoUpdate (MAU) (CVE-2025-55317) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Microsoft AutoUpdate (MAU) | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
88. Elevation of Privilege - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism (CVE-2025-54895) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
89. Elevation of Privilege - Xbox Gaming Services (CVE-2025-55245) - Medium [330]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Xbox Gaming Services | |
| 0.8 | 10 | CVSS Base Score is 7.8. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
90. Information Disclosure - Microsoft Excel (CVE-2025-54901) - Medium [319]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.6 | 14 | MS Office product | |
| 0.6 | 10 | CVSS Base Score is 5.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
91. Elevation of Privilege - Capability Access Management Service (camsvc) (CVE-2025-54108) - Medium [318]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Capability Access Management Service (camsvc) | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
92. Elevation of Privilege - Microsoft Brokering File System (CVE-2025-54105) - Medium [318]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Microsoft Brokering File System | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
93. Elevation of Privilege - Microsoft Virtual Hard Disk (CVE-2025-54112) - Medium [318]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | The Virtual Hard Disk (VHD) format is a publicly-available image format specification that allows encapsulation of the hard disk into an individual file. | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
94. Elevation of Privilege - PowerShell Direct (CVE-2025-49734) - Medium [318]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.85 | 15 | Elevation of Privilege | |
| 0.5 | 14 | PowerShell Direct | |
| 0.7 | 10 | CVSS Base Score is 7.0. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
95. Information Disclosure - Microsoft SQL Server (CVE-2025-47997) - Medium [314]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.83 | 15 | Information Disclosure | |
| 0.5 | 14 | Microsoft SQL Server | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
96. Denial of Service - HTTP.sys (CVE-2025-53805) - Medium [303]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.7 | 15 | Denial of Service | |
| 0.5 | 14 | HTTP.sys | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
97. Denial of Service - Local Security Authority Subsystem Service (LSASS) (CVE-2025-53809) - Medium [291]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.7 | 15 | Denial of Service | |
| 0.5 | 14 | Local Security Authority Subsystem Service (LSASS) | |
| 0.7 | 10 | CVSS Base Score is 6.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
98. Security Feature Bypass - MapUrlToZone (CVE-2025-54107) - Medium [291]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.5 | 14 | MapUrlToZone | |
| 0.4 | 10 | CVSS Base Score is 4.3. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
99. Security Feature Bypass - MapUrlToZone (CVE-2025-54917) - Medium [291]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.5 | 14 | MapUrlToZone | |
| 0.4 | 10 | CVSS Base Score is 4.3. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
100. 
Spoofing - Chromium (CVE-2025-9865) - Medium [276]
Description: Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.5 | 10 | CVSS Base Score is 5.4. According to NVD data source | |
| 0.1 | 10 | EPSS Probability is 0.0003, EPSS Percentile is 0.07039 |
MS PT Extended: CVE-2025-9865 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
101. Spoofing - Chromium (CVE-2025-9867) - Medium [276]
Description: Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Chromium is a free and open-source web browser project, mainly developed and maintained by Google | |
| 0.5 | 10 | CVSS Base Score is 5.4. According to NVD data source | |
| 0.1 | 10 | EPSS Probability is 0.0003, EPSS Percentile is 0.07039 |
MS PT Extended: CVE-2025-9867 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
102. Spoofing - Windows Certificate (CVE-2025-55229) - Medium [276]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Windows component | |
| 0.5 | 10 | CVSS Base Score is 5.3. According to Microsoft data source | |
| 0.1 | 10 | EPSS Probability is 0.00032, EPSS Percentile is 0.07416 |
MS PT Extended: CVE-2025-55229 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
103. Spoofing - Microsoft OfficePlus (CVE-2025-55243) - Medium [250]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned in available Data Sources | |
| 0 | 17 | The existence of publicly available or private exploit is NOT mentioned in available Data Sources | |
| 0.4 | 15 | Spoofing | |
| 0.5 | 14 | Microsoft OfficePlus | |
| 0.8 | 10 | CVSS Base Score is 7.5. According to Microsoft data source | |
| 0 | 10 | EPSS Probability is 0, EPSS Percentile is 0 |
Denial of Service (1)Qualys: VulnCheck: CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json Microsoft has fixed a previously known vulnerability in Newtonsoft.Json, which is included as part of Microsoft SQL Server. Microsoft mentioned in the advisory, “CVE-2024-21907 addresses a mishandling of exceptional conditions vulnerability in Newtonsoft.Json before version 13.0.1. Crafted data passed to JsonConvert.The DeserializeObject method may trigger a Stack Overflow exception, resulting in denial of service. Depending on the usage of the library, an unauthenticated remote attacker may cause a denial of service condition.”
Rapid7: What happens if you ask SQL Server to deserialize a JSON object with thousands of levels of nested objects? If you guessed denial of service, then you are good at guessing, because that’s what CVE-2024-21907 describes. As zero-day vulnerabilities go, it doesn’t seem particularly terrifying, since presumably the worst an attacker can do is knock down a service, which can then be picked up again. Of course, that’s all relative, since some SQL Server instances are doing very important work: think hospitals, airports, and other critical infrastructure. Taking a step back: if an unauthenticated attacker can send arbitrary queries directly into your SQL Server instances, then that’s already a broader security architecture issue.
Rapid7: Perhaps the most interesting thing about CVE-2024-21907 is its long and convoluted history. The underlying defect is not in SQL Server, but in Newtonsoft.Json, which is the de facto standard for handling JSON in .NET applications, including SQL Server and many other products. Versions of Newtonsoft.Json prior to 13.0.1 are vulnerable, and this isn’t new information; CVE-2024-21907 was originally made public on 2024-01-03 with some help from VulnCheck, so Microsoft is playing catch-up here. The underlying defect has been public knowledge for way longer than that, however, since Aleph Security first flagged it up way back in 2018 without attaching a CVE number. It remains unclear why Microsoft chose to address this now, but better late than never.
Elevation of Privilege (1)MS PT Extended: CVE-2025-54914 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: CVE-2025-54914: Azure Networking Elevation of Privilege Vulnerability Upon successful exploitation, an attacker could elevate privileges.
Rapid7: It’s not every day that we see a perfect(?) 10.0 CVSS v3 base score, but CVE-2025-54914 is one such rare beast, thanks to the seldom-seen scope change described by the CVSS v3 vector. However, that’s all we get; the aggressively minimalist advisory fails to explain the nature of the vulnerability in any way at all. Mercifully, the advisory does pour a little oil on its own troubled waters by clarifying that this is a cloud service vulnerability, Microsoft has already fixed it, and there is no action to be taken by users of the service. Other reasons to consider not panicking: the Acknowledgements section lists only Microsoft researchers, so we can hope that no one else knows enough to do any damage. For anyone wondering which cloud service was impacted, the answer is Azure Networking, which is probably only important if your cloud assets ever need to communicate with anything at all.
Remote Code Execution (26)MS PT Extended: CVE-2025-8880 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-9132 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-8901 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-55231 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: CVE-2025-54910: Microsoft Office Remote Code Execution Vulnerability A heap-based buffer overflow flaw in Microsoft Office may allow an unauthenticated attacker to achieve remote code execution.
Tenable: CVE-2025-54910 | Microsoft Office Remote Code Execution Vulnerability
Tenable: CVE-2025-54910 is a RCE in Microsoft Office. It was assigned a CVSSv3 score of 8.4 and is rated critical and assessed as “Exploitation Less Likely.” An attacker could exploit this vulnerability by convincing a target to open a specially crafted Office document. Additionally, the advisory notes that exploitation is possible through Microsoft Outlook’s Preview Pane. Successful exploitation would grant the attacker RCE privileges on the target system. For users of Microsoft Office LTSC for Mac 2021 and 2024, the advisory states that updates are not yet available, but will be released soon.
ZDI: CVE-2025-54910- Microsoft Office Remote Code Execution Vulnerability. This is now the eighth month in a row where at least one Office component allowed code execution through the Preview Pane. It would be nice is Microsoft could consolidate some of these fixes rather than dragging them out month after month, but I doubt that will happen. I’m getting very close to recommending disabling the Preview Pane for a bit while Microsoft sorts this out.
Qualys: CVE-2025-55228: Windows Graphics Component Remote Code Execution Vulnerability An attacker must win a race condition to exploit the vulnerability. Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54916 | Windows NTFS Remote Code Execution Vulnerability
Tenable: CVE-2025-54916 is a RCE in Microsoft Windows New Technology File System (NTFS). It was assigned a CVSSv3 score of 7.8 and is rated important and assessed as “Exploitation More Likely.” An attacker that successfully exploits this flaw would gain RCE on the targeted system. According to the advisory, any authenticated attacker could leverage this vulnerability.
Tenable: CVE-2025-54897 | Microsoft SharePoint Remote Code Execution Vulnerability
Tenable: CVE-2025-54897 is a RCE vulnerability in Microsoft SharePoint. It was assigned a CVSSv3 score of 8.8 and is rated important and assessed as “Exploitation Less Likely.” In order to exploit this flaw, an attacker would need to be authenticated as any user and privileged accounts, such as admin or other elevated privileges are not necessary to exploit this flaw. Once authenticated, an attacker could either write arbitrary code or use code injection to execute code on a vulnerable SharePoint Server to gain RCE.
Qualys: CVE-2025-55232: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability This vulnerability has a CVSS: 3.1 9.8 / 8.5 Policy Compliance Control IDs (CIDs): 18707 List of ‘Inbound Rules’ configured in Windows Firewall via Firewall Application 18731 List of ‘Outbound Rules’ configured in Windows Firewall via Firewall Application The following QQL will return a posture assessment for the CIDs for this Patch Tuesday: control.id: [18707, 18731] The next Patch Tuesday falls on October 14, and we will be back with details and patch analysis. Until next Patch Tuesday, stay safe and secure. Be sure to subscribe to ‘This Month in Vulnerabilities and Patch’s webinar.’
Rapid7: Azure High Performance Computer (HPC) admins should pay close attention to CVE-2025-55232, a critical unauthenticated RCE exploitable over the network. The advisory sets out the pre-requisites for the actual patch, and also hints that appropriate firewall rules should be in place, especially for TCP port 5999. The advisory doesn’t describe exactly what those firewall rules should look like or what they’re protecting, but port 5999 is the default port for the HpcScheduler, which orchestrates HPC jobs, resource management, and cluster communication.
ZDI: CVE-2025-55232 - Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability. This is the highest severity bug by CVSS (9.8) for this month, and it certainly earns it. A remote, unauthenticated attacker could gain code execution on affected systems without user interaction, which makes this potentially wormable between systems with the HPC pack installed. Microsoft recommends ensuring HPC Pack clusters are only deployed in secure enclaves. They also recommend blocking TCP port 5999. If you use HPC Pack clusters, definitely put this on the top of your patching list.
Qualys: CVE-2025-55224: Windows Hyper-V Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Tenable: CVE-2025-55224 | Windows Hyper-V Remote Code Execution Vulnerability
Tenable: CVE-2025-55224 is a RCE in Windows Hyper-V. It was assigned a CVSSv3 score of 7.8, rated as critical and assessed as “Exploitation Less Likely.” According to the advisory, an attacker who is able to win a race condition could traverse from the guest hosts security boundary in order to execute arbitrary code on the Hyper-V host machine. While the attack complexity for this vulnerability is high, the impact would be significant for an attacker who is able to successfully exploit this vulnerability.
Qualys: CVE-2025-55226: Graphics Kernel Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Qualys: CVE-2025-55236: DirectX Graphics Kernel Remote Code Execution Vulnerability Successful exploitation of the vulnerability may allow an authenticated attacker to achieve remote code execution.
Security Feature Bypass (4)MS PT Extended: CVE-2025-9866 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-53791 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Elevation of Privilege (43)Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability An improper authentication flaw in Windows NTLM may allow an authenticated attacker to elevate privileges over a network. Upon successful exploitation, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54918 | Windows NTLM Elevation of Privilege Vulnerability
Tenable: CVE-2025-54918 is an EoP vulnerability in Windows New Technology LAN Manager (NTLM). It was assigned a CVSSv3 score of 8.8 and is rated critical. It was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. According to the advisory, successful exploitation would allow an attacker to elevate their privileges to SYSTEM.
ZDI: CVE-2025-54918 - Windows NTLM Elevation of Privilege Vulnerability. This privilege escalation allows an authenticated threat actor to escalate to SYSTEM on affected systems over the network. While not a scope change, going from a standard Windows user to SYSTEM is handy. Microsoft also notes that exploit complexity is low, so expect to see threat actors target this one. Definitely test and deploy this update quickly.
MS PT Extended: CVE-2025-55230 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: CVE-2025-55234: Windows SMB Elevation of Privilege Vulnerability An improper authentication flaw in the Windows SMB may allow an authenticated attacker to elevate network privileges. Upon successful exploitation of the vulnerability, an attacker could gain administrator privileges.
Tenable: Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)
Tenable: CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability
Tenable: CVE-2025-55234 is an EoP vulnerability affecting Windows Server Message Block (SMB). It was assigned a CVSSv3 score of 8.8 and rated as important. Successful exploitation would allow an unauthenticated attacker to elevate their privileges to that of the compromised user's account. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available.
Tenable: CVE-2025-55234 appears to have been released to help customers audit and assess their environment and identify incompatibility issues prior to utilizing some of the hardening capabilities for SMB Servers.
Tenable: CVE-2025-55234 is the fifth Windows SMB vulnerability patched in 2025 and the third Windows SMB EoP disclosed this year. In the June 2025 Patch Tuesday release, Microsoft patched CVE-2025-33073, another publicly disclosed Windows SMB EoP vulnerability. A day after the June 2025 Patch Tuesday release, researchers from RedTeam Pentesting GmbH, one of many researchers credited with reporting the flaw to Microsoft, released a blog post detailing the vulnerability, including proof-of-concept details.
Rapid7: How’s your SMB server configuration? Is it fully hardened, with SMB server signing and Extended Protection for Authentication enabled? If not, then CVE-2025-55234 set out clearly why you should be worrying about SMB Server relay attacks, where an attacker pretends to be a legitimate server using ARP spoofing, DNS poisoning, or some other suitable trickery. Any pen testers or threat actors reading this will no doubt be thinking of the popular OSS tool Responder, which streamlines exactly this sort of attack. Options for attackers include credential relaying (which is mitigated by SMB signing), as well as offline cracking of the hash to reveal the password.
Rapid7: The key takeaway from the CVE-2025-55234 advisory, other than the explanation of the well-known attack surface around SMB authentication, is that this is one of those times where simply patching isn’t enough; in fact, the patches provide administrators with more auditing options to determine whether their SMB Server is interacting with clients that won’t support the recommended hardening options. Other Microsoft server products (e.g. Exchange) offer a similar tough choice: lock out less capable clients, or leave your server in a state which permits relay attacks. None of the attack techniques covered are new, so this isn’t really a zero-day vulnerability, except inasmuch as it was published today, and describes an attack which is already publicly disclosed.
MS PT Extended: CVE-2025-53763 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: CVE-2025-53800: Windows Graphics Component Elevation of Privilege Vulnerability Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
MS PT Extended: CVE-2025-55244 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-55241 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-53795 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerabilities
Tenable: CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
Tenable: A local, authenticated attacker could exploit these vulnerabilities to elevate to SYSTEM privileges, though in order to exploit CVE-2025-54115, an attacker would first need to win a race condition, which is what contributed to its lower CVSS score.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Authentication Bypass (1)MS PT Extended: CVE-2025-8881 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Memory Corruption (4)MS PT Extended: CVE-2025-8882 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-8879 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-9864 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-9478 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Information Disclosure (16)Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
MS PT Extended: CVE-2025-55238 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Qualys: CVE-2025-53799: Windows Imaging Component Information Disclosure Vulnerability Use of an uninitialized resource in the Windows Imaging Component may allow an unauthenticated attacker to disclose information locally. Upon successful exploitation, an attacker could read small portions of heap memory.
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: Other Microsoft Vulnerability Highlights CVE-2025-54110 is an elevation of privilege vulnerability in the Windows Kernel. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54916 is a remote code execution vulnerability in Windows NTFS. A stack-based buffer overflow flaw in Windows NTFS may allow an authenticated attacker to execute code over a network. CVE-2025-53803 is an information disclosure vulnerability in Windows Kernel Memory. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-53804 is an information disclosure vulnerability in the Windows Kernel-Mode Driver. Successful exploitation of the vulnerability may allow an authenticated attacker to disclose information locally. CVE-2025-54093 is an elevation of privilege vulnerability in the Windows TCP/IP Driver. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges. CVE-2025-54098 is an elevation of privilege vulnerability in Windows Hyper-V. Upon successful exploitation of the vulnerability, an attacker could gain SYSTEM privileges.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
MS PT Extended: CVE-2025-55242 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
Denial of Service (3)Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Qualys: Mitigation: Reducing Risk Until Remediation Not every team can patch immediately due to operational challenges. TruRisk™ Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS). As a first set of our mitigant signature set, we have Qualys-created mitigations for the following 18 vulnerabilities: CVE-2025-54114, CVE-2025-54102, CVE-2025-54095, CVE-2025-53798, CVE-2025-54096, CVE-2025-54097, CVE-2025-53797, CVE-2025-54106, CVE-2025-53806, CVE-2025-53796, CVE-2025-55225, CVE-2025-54113, CVE-2025-55228, CVE-2025-54919, CVE-2025-55224, CVE-2025-54917, CVE-2025-54107, CVE-2025-53803, CVE-2025-53804, CVE-2025-54110, CVE-2025-54894, CVE-2025-53809, CVE-2025-53801, and CVE-2025-53802.
Spoofing (4)MS PT Extended: CVE-2025-9867 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-9865 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08
MS PT Extended: CVE-2025-55229 was published before September 2025 Patch Tuesday from 2025-08-13 to 2025-09-08