Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
2025-05-13T17:15:52.440
2025-05-19T18:21:27.673
Analyzed
CVSSv3.1: 6.7 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | windows_hardware_lab_kit | < 10.1.17763.7010 | Yes |
| Operating System | microsoft | windows_10_1809 | - | No |
| Operating System | microsoft | windows_server_2019 | - | No |
| Application | microsoft | windows_hardware_lab_kit | < 10.1.19041.5609 | Yes |
| Operating System | microsoft | windows_10_2004 | - | No |
| Operating System | microsoft | windows_10_20h2 | - | No |
| Operating System | microsoft | windows_10_21h1 | - | No |
| Operating System | microsoft | windows_10_21h2 | - | No |
| Operating System | microsoft | windows_10_22h2 | - | No |
| Application | microsoft | windows_hardware_lab_kit | < 10.1.20348.3330 | Yes |
| Operating System | microsoft | windows_server_2022 | - | No |
| Application | microsoft | windows_hardware_lab_kit | < 10.1.22621.5040 | Yes |
| Operating System | microsoft | windows_11_22h2 | - | No |
| Application | microsoft | windows_hardware_lab_kit | < 10.1.26100.3478 | Yes |
| Operating System | microsoft | windows_11_24h2 | - | No |
| Operating System | microsoft | windows_server_2025 | - | No |