Elevation of Privilege Vulnerability in Windows DWM Core Library by Microsoft
CVE-2025-24060
7.8HIGH
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 8 April 2025
What is CVE-2025-24060?
The issue in the Windows DWM Core Library stems from inadequate input validation, allowing an authorized attacker to exploit this flaw for local privilege escalation. This vulnerability poses a serious risk, as it can enable attackers to execute arbitrary code and gain elevated privileges within the affected system, potentially leading to unauthorized access and control.
Affected Version(s)
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7136
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.5737
Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.5737