Primary

Context

Microsoft Windows Hyper-V Out-of-Bounds Read Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Windows Hyper-V. This issue arises from an out-of-bounds read, which allows an unauthorized attacker to execute code locally. The vulnerability affects several Windows versions, including Windows 10, Windows 11, Windows Server 2016, and Windows Server 2022.

Impact

Exploitation of this vulnerability could lead to unauthorized local code execution.

Reproduction

To reproduce this vulnerability, a user must be tricked into importing a malicious INF file, which can trigger the out-of-bounds read and allow for code execution.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog.

Added: Jul 8, 2025, 9:12 PM

Updated: Jul 8, 2025, 9:12 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.8

remediation

0.0

relevance

0.2

threat

1.6

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.8

remediation

0.0

relevance

0.2

threat

1.6

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows Hyper-V Out-of-Bounds Read Remote Code Execution Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating