Windows StateRepository API
by Microsoft
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49723 | Hig | 0.57 | 8.8 | 0.00 | Jul 8, 2025 | Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally. | ||
| CVE-2025-53789 | Hig | 0.51 | 7.8 | 0.00 | Aug 12, 2025 | Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-59203 | Med | 0.36 | 5.5 | 0.00 | Oct 14, 2025 | Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally. |
- risk 0.57cvss 8.8epss 0.00
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
- risk 0.51cvss 7.8epss 0.00
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
- risk 0.36cvss 5.5epss 0.00
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.