Return to CVE list

CVE-2025-24994

7.3

Critical

CVE-2025-24994

11 Mar 2025

secure@microsoft.com

Awaiting Analysis

View on MITRE Find on GitHub

Description

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

secure@microsoft.com

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24994