Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified) Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authenticated attacker to gain elevated privileges. This issue allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified) Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authorized attacker to elevate privileges. This issue allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified) Description: A type confusion issue in the Windows Defender Firewall Service can allow a locally authorized attacker to elevate privileges. This issue allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Defender Firewall Service (affected versions not specified) Description: A type confusion issue exists within the Windows Defender Firewall Service. This flaw enables a locally authenticated attacker to gain elevated privileges on the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play (UPnP) Device Host (affected versions not specified) Description: The issue is related to a use after free condition in the Windows Universal Plug and Play (UPnP) Device Host, which allows an authorized attacker to elevate privileges over an adjacent network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play (UPnP) Device Host (affected versions not specified) Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges over an adjacent network. This affects the Windows Universal Plug and Play (UPnP) Device Host. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows SSDP Service (affected versions not specified) Description: The issue is related to a 'type confusion' problem in the Windows SSDP Service, allowing an authorized attacker to elevate privileges locally. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows SSDP Service (affected versions not specified) Description: The issue concerns a double free in the Windows SSDP Service, which allows an authorized attacker to elevate privileges locally. This means an attacker with certain permissions can exploit this issue to gain higher levels of access to the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: The issue is related to a use after free condition in the Windows SSDP Service, which allows an authorized attacker to elevate privileges locally. This means an attacker with certain permissions can exploit this condition to gain higher access levels within the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows versions (affected versions not specified) **Description** An uncontrolled resource consumption issue exists within the Windows Standards-Based Storage Management Service. Exploitation of this issue allows an unauthorized attacker to cause a denial of service over a network. The issue can also allow attackers to affect the system, potentially leading to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows KDC Proxy Service (KPSSVC) (affected versions not specified) **Description** The issue allows an unauthorized attacker to execute code over a network due to a use after free flaw in the Windows KDC Proxy Service. This enables remote attackers to execute arbitrary code and affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Remote Desktop Gateway Service (affected versions not specified) Description: The issue is related to uncontrolled resource consumption in the Remote Desktop Gateway Service, allowing an unauthorized attacker to deny service over a network. This can halt enterprise remote access. Recommendations: Apply Microsoft's update KB5050009. As a temporary workaround, consider restricting access to the Remote Desktop Gateway Service to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: The issue concerns sensitive data storage in improperly locked memory, which can be exploited by an authorized attacker to elevate privileges locally. This allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Standards-Based Storage Management Service (affected versions not specified) Description: The issue concerns uncontrolled resource consumption, allowing an unauthorized attacker to deny service over a network. This can affect the system, leading to a denial-of-service condition. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Kerberos (affected versions not specified) Description: The issue is related to an insufficient resource pool in Windows Kerberos, allowing an unauthorized attacker to deny service over a network. This can be exploited to affect the system, leading to a denial-of-service condition. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows HTTP.sys (affected versions not specified) Description: The issue is related to uncontrolled resource consumption in Windows HTTP.sys, which allows an unauthorized attacker to deny service over a network. This is a denial-of-service vulnerability that enables attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play (UPnP) Device Host (affected versions not specified) Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges over a network. This can be exploited by an attacker with authorization to access the network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Standards-Based Storage Management Service (affected versions not specified) Description: The issue is related to uncontrolled resource consumption, allowing an unauthorized attacker to deny service over a network. This can affect the system, leading to a denial-of-service condition. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Streaming Service (affected versions not specified) Description: The issue concerns sensitive data storage in improperly locked memory, allowing an unauthorized attacker to deny service over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IKEA CN iOS version 4.13.0 **Description** The issue allows attackers to access sensitive user information by supplying a crafted link. **Recommendations** For IKEA CN iOS version 4.13.0, update to a newer version that contains a fix for this issue.