Remote Code Execution Vulnerability in Windows Connected Devices Platform Service
CVE-2025-49724
8.8HIGH
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 8 July 2025
What is CVE-2025-49724?
The Windows Connected Devices Platform Service contains a use-after-free vulnerability that can be exploited by an unauthorized attacker to execute arbitrary code over a network. This could potentially allow the attacker to gain control over affected systems, impacting device integrity and user data security. Proper mitigations should be applied to protect sensitive information and prevent unauthorized exploitations. For further details and mitigation strategies, visit the official Microsoft security advisory.
Affected Version(s)
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7558
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.6093
Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.6093