Windows Update Service
by Microsoft
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-48815 | 0.00 | — | 0.01 | Jul 8, 2025 | Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-48799 | 0.00 | — | 0.03 | Jul 8, 2025 | Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-47976 | 0.00 | — | 0.01 | Jul 8, 2025 | Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
- CVE-2025-48815Jul 8, 2025risk 0.00cvss —epss 0.01
Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-48799Jul 8, 2025risk 0.00cvss —epss 0.03
Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-47976Jul 8, 2025risk 0.00cvss —epss 0.01
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.