Information Disclosure Vulnerability in Windows GDI
CVE-2025-47984

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1507; Windows 10 Version 1607; Windows 10 Version 1809; Windows 10 Version 21h2
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-47984?

A flaw within the Windows Graphics Device Interface (GDI) allows unauthorized attackers to exploit a protection mechanism failure, enabling them to disclose sensitive information over a network. This vulnerability highlights the need for constant vigilance and robust security measures within systems that rely on GDI for graphical rendering and interface management.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.21073

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8246

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7558

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

EPSS Score

14% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
May 14, 2025

CVE-2025-47984 Data

JSON

Microsoft

What is CVE-2025-47984?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline