Untrusted Pointer Dereference in Windows Kernel Affects Microsoft Products
CVE-2025-27739

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
8 April 2025

Summary

The vulnerability in the Windows Kernel arises from an untrusted pointer dereference issue, which may be exploited by authorized attackers to gain elevated privileges on affected systems. This flaw highlights the importance of maintaining updated security measures to protect against potential local exploits that target the Windows platform.

Affected Version(s)

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7136

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.5737

Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.5737

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-27739 : Untrusted Pointer Dereference in Windows Kernel Affects Microsoft Products | SecurityVulnerability.io