Remote Denial of Service Vulnerability in Microsoft HoloLens Devices
CVE-2024-57972

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Hololens
Vendor: CVE Published:; 6 March 2025

What is CVE-2024-57972?

A security flaw exists in the pairing request method utilized by Microsoft HoloLens devices that can be exploited by remote attackers. This vulnerability allows malicious actors to disrupt the normal operation of the device via the Device Portal framework, potentially leading to a Denial of Service attack. Users of affected HoloLens devices may experience significant interruptions as a result of this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HoloLens HoloLens 1 10 <= 10.0.17763.3046

HoloLens HoloLens 2 10 <= 10.0.22621.1244

References

https://github.com/tania-silva/Hololens

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Feb 20, 2025

JSON

Microsoft

What is CVE-2024-57972?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.