Microsoft Windows Server 2025
Moderate fix1 remedy
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Windows Connected Devices Platform Service Privilege Escalation Vulnerability
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the Connected Devices Platform Service (Cdpsvc) on Microsoft Windows. This vulnerability allows an authorized attacker to elevate privileges locally, potentially gaining SYSTEM privileges. The issue arises from a heap-based buffer overflow, which can be exploited to manipulate memory and execute arbitrary code with elevated rights.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.
Remediation
Users can apply the security update provided by Microsoft to address this vulnerability. This security update is available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5073379, KB5074109, KB5073450, KB5073724, and KB5073723.
Added: Jan 13, 2026, 7:44 PM
Updated: Jan 13, 2026, 7:44 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
3.3remediation
7.7relevance
2.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.