Windows Telephony Service
by Microsoft
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42968 | Med | 0.36 | 5.5 | 0.00 | Jun 9, 2026 | Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. | ||
| CVE-2025-21417 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21411 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2023-36005 | 0.01 | — | 0.24 | Dec 12, 2023 | Windows Telephony Server Elevation of Privilege Vulnerability | |||
| CVE-2026-25188 | 0.00 | — | 0.01 | Mar 10, 2026 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2025-21205 | 0.00 | — | 0.01 | Apr 8, 2025 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-27477 | 0.00 | — | 0.01 | Apr 8, 2025 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-24056 | 0.00 | — | 0.02 | Mar 11, 2025 | Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-21371 | 0.00 | — | 0.02 | Feb 11, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21407 | 0.00 | — | 0.02 | Feb 11, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21245 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21223 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21305 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21286 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21273 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21303 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21244 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21241 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2024-43635 | 0.00 | — | 0.02 | Nov 12, 2024 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2024-43621 | 0.00 | — | 0.02 | Nov 12, 2024 | Windows Telephony Service Remote Code Execution Vulnerability |
- risk 0.36cvss 5.5epss 0.00
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
- CVE-2025-21417Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21411Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2023-36005Dec 12, 2023risk 0.01cvss —epss 0.24
Windows Telephony Server Elevation of Privilege Vulnerability
- CVE-2026-25188Mar 10, 2026risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.
- CVE-2025-21205Apr 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-27477Apr 8, 2025risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-24056Mar 11, 2025risk 0.00cvss —epss 0.02
Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.
- CVE-2025-21371Feb 11, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21407Feb 11, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21245Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21223Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21305Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21286Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21273Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21303Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21244Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21241Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2024-43635Nov 12, 2024risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2024-43621Nov 12, 2024risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
Page 1 of 2