Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Vulnerability
A heap-based buffer overflow vulnerability has been identified in Windows Hyper-V. This vulnerability allows an authorized attacker to locally elevate privileges. The issue arises when a crafted VHDX file is processed, potentially leading to unauthorized access to SYSTEM privileges.
Impact
Exploitation of this vulnerability could allow an authenticated attacker to gain elevated privileges, specifically SYSTEM rights, on the affected system.
Reproduction
To reproduce this vulnerability, an authenticated attacker can create a malicious VHDX file and use it as an argument in a call to the VHDMP API. This process takes advantage of the heap-based buffer overflow, leading to unauthorized privilege escalation.
Remediation
Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5063871, KB5063889, KB5063906, KB5063950, and KB5064010.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
3.6remediation
7.7relevance
0.3threat
1.6urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.