Microsoft PowerShell Improper Access Control Vulnerability Allowing Privilege Escalation

Vulnerability

An improper access control vulnerability has been identified in Microsoft PowerShell that allows an authorized attacker to elevate privileges locally and potentially execute actions with higher privileges than intended.

Impact

Exploitation of this vulnerability could allow an authenticated attacker to gain elevated privileges, enabling them to create, modify, or delete files with the rights of the 'NT AUTHORITY\SYSTEM' account.

Remediation

Users can download the security update for PowerShell 7.5 or 7.4 through the Microsoft Update Catalog. For Windows Server 2012 R2, 2012, 2008 R2, 2016, 2022, and various Windows 10 and 11 versions, security updates are also available via the Microsoft Update Catalog.

Added: Oct 14, 2025, 5:47 PM
Updated: Oct 14, 2025, 10:40 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 10.0
exploitability: 3.0
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.