Information Disclosure Vulnerability in Xbox by Microsoft
CVE-2025-55242

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Xbox Gaming Services
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-55242?

A vulnerability present in Xbox products enables unauthorized actors to expose sensitive information through network access. This flaw allows attackers to potentially access confidential data, posing significant risks to users' privacy and security. It's crucial for Xbox users and administrators to be aware of this vulnerability and take appropriate measures to secure their systems.

Affected Version(s)

Xbox Gaming Services Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Aug 11, 2025