PT-2025-1213 · Microsoft · Windows Connected Devices Platform Service+1

Eduardo Berlanga

Published

2025-01-14

Updated

2025-01-27

CVE-2025-21207

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Windows Connected Devices Platform Service (Cdpsvc) (affected versions not specified)

Description The issue is related to an uncontrolled consumption of resources in the Windows Connected Devices Platform Service (Cdpsvc) component of the Microsoft Windows operating system. This can be exploited by a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2025-00592

CVE-2025-21207

Affected Products

Windows

Windows Connected Devices Platform Service

PT-2025-1213 · Microsoft · Windows Connected Devices Platform Service+1

CVE-2025-21207

Weakness Enumeration

Related Identifiers

Affected Products

References · 7