PT-2026-24294 · Microsoft · Windows

Publicado

2026-03-10

Atualizado

2026-03-17

CVE-2026-25167

CVSS v3.1

7.4

Alta

Vetor

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Brokering File System (affected versions not specified)

Description A use-after-free condition exists in the Microsoft Brokering File System, potentially allowing an unauthorized attacker to elevate privileges locally. Exploitation of this issue may allow an attacker to affect the system. The vulnerability relates to the use of memory after it has been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2026-02994

CVE-2026-25167

Produtos afetados

Windows

PT-2026-24294 · Microsoft · Windows

CVE-2026-25167

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7