Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-24076

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

2025-03-11T17:16:30.480

2025-07-07T17:24:22.777

Analyzed

CVSSv3.1: 7.3 (HIGH)

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	microsoft	windows_11_22h2	< 10.0.22621.5039	Yes
Operating System	microsoft	windows_11_23h2	< 10.0.22631.5039	Yes
Operating System	microsoft	windows_11_24h2	< 10.0.26100.3403	Yes
Operating System	microsoft	windows_server_2022_23h2	< 10.0.25398.1486	Yes
Operating System	microsoft	windows_server_2025	< 10.0.26100.3403	Yes