Microsoft Universal Plug and Play Information Disclosure Vulnerability
Vulnerability
A vulnerability in the Universal Plug and Play (UPnP) component upnp.dll allows an authorized attacker to disclose information locally. The issue arises from improper link resolution before file access, commonly known as 'link following'. Exploitation could enable the attacker to read files accessible to the UPnP Device Host Service, which operates under the LOCAL SERVICE account. The exposed information may include restricted system files or configuration data that would typically be inaccessible to the attacker.
Impact
Exploitation of this vulnerability could lead to unauthorized access to files that the UPnP Device Host Service is allowed to read. This could include sensitive system files or configuration data.
Remediation
Users can apply the security update for this vulnerability through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5082200, KB5082126, KB5082127, KB5082198, KB5082060, KB5082052, and KB5083768.
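To confirm remediation on a host, the following PowerShell check (an added example, not part of the original advisory or Microsoft's tooling) looks for the KB articles listed above and reports how the UPnP Device Host Service is configured. It assumes the service's short name is upnphost; the advisory does not say which KB applies to which Windows version, so any one match is treated as evidence of patching.

```powershell
# Added example. KB IDs are copied from the advisory text above.
$AdvisoryKBs = 'KB5082200', 'KB5082126', 'KB5082127', 'KB5082198',
               'KB5082060', 'KB5082052', 'KB5083768'

function Get-UpnpPatchStatus {
    param([string[]]$KbIds = $AdvisoryKBs)

    # Get-HotFix reads Win32_QuickFixEngineering. A later cumulative update
    # can supersede these KBs, so "no match" means "check the build number",
    # not "confirmed vulnerable".
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   Select-Object -ExpandProperty HotFixID)
    $matched = @($KbIds | Where-Object { $installed -contains $_ })

    # Assumption: 'upnphost' is the service name of the UPnP Device Host Service.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='upnphost'" `
                           -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        OSVersion      = [Environment]::OSVersion.Version.ToString()
        MatchedKBs     = $matched -join ', '
        PatchEvidence  = ($matched.Count -gt 0)
        ServicePresent = ($null -ne $svc)
        ServiceState   = if ($svc) { $svc.State } else { 'n/a' }
        StartMode      = if ($svc) { $svc.StartMode } else { 'n/a' }
        # Expected to be the LOCAL SERVICE account, per the advisory.
        RunsAs         = if ($svc) { $svc.StartName } else { 'n/a' }
    }
}

Get-UpnpPatchStatus | Format-List
```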
