Elevation of Privilege Vulnerability in Microsoft AutoUpdate
CVE-2025-21360

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Autoupdate For Mac
Vendor: CVE Published:; 14 January 2025

What is CVE-2025-21360?

The vulnerability in Microsoft AutoUpdate allows attackers to exploit the software to gain elevated privileges on the system. This can lead to unauthorized access and manipulation of files or settings, posing serious security risks for users. Quick remediation and system updates are essential to mitigate potential attacks leveraging this vulnerability.

Affected Version(s)

Microsoft AutoUpdate for Mac Unknown 0 < 4.76

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2025
Vulnerability Reserved
Dec 11, 2024