CVE-2025-49734

Name
CVE-2025-49734
Description
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vendor-advisory https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49734

Match rules

CPE URI Source package Min version Max version
windows-10-version-1809 >= 10.0.17763.0 < 10.0.17763.7792
windows-server-2019 >= 10.0.17763.0 < 10.0.17763.7792
windows-server-2019-(server-core-installation) >= 10.0.17763.0 < 10.0.17763.7792
windows-server-2022 >= 10.0.20348.0 < 10.0.20348.4171
windows-10-version-21h2 >= 10.0.19044.0 < 10.0.19044.6332
windows-11-version-22h2 >= 10.0.22621.0 < 10.0.22621.5909
windows-10-version-22h2 >= 10.0.19045.0 < 10.0.19045.6332
windows-server-2025-(server-core-installation) >= 10.0.26100.0 < 10.0.26100.6584
windows-11-version-22h3 >= 10.0.22631.0 < 10.0.22631.5909
windows-11-version-23h2 >= 10.0.22631.0 < 10.0.22631.5909
windows-server-2022,-23h2-edition-(server-core-installation) >= 10.0.25398.0 < 10.0.25398.1849
windows-11-version-24h2 >= 10.0.26100.0 < 10.0.26100.6584
windows-server-2025 >= 10.0.26100.0 < 10.0.26100.6584
windows-10-version-1607 >= 10.0.14393.0 < 10.0.14393.8422
windows-server-2016 >= 10.0.14393.0 < 10.0.14393.8422
windows-server-2016-(server-core-installation) >= 10.0.14393.0 < 10.0.14393.8422
powershell-7.4 >= 7.4.0 < 7.4.12
powershell-7.5 >= 7.5.0 < 7.5.3
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:* powershell >= 7.4 < 7.4.12
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:* powershell >= 7.5 < 7.5.3
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* windows_10_1607 >= None < 10.0.14393.8422
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* windows_10_1809 >= None < 10.0.17763.7792
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* windows_10_21h2 >= None < 10.0.19044.6332
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* windows_10_22h2 >= None < 10.0.19045.6332
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* windows_11_22h2 >= None < 10.0.22621.5909
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* windows_11_23h2 >= None < 10.0.22631.5909
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* windows_11_24h2 >= None < 10.0.26100.6508
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* windows_server_2016 >= None < 10.0.14393.8422
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* windows_server_2019 >= None < 10.0.17763.7792
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* windows_server_2022 >= None < 10.0.20348.4106
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* windows_server_2022_23h2 >= None < 10.0.25398.1849
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* windows_server_2025 >= None < 10.0.26100.6508

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
powershell edge-community 7.5.2-r0 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable
powershell edge-community 7.5.1-r0 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable
powershell edge-community 7.5.0-r0 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable
powershell edge-community 7.4.6-r2 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable
powershell 3.22-community 7.5.2-r0 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable
powershell 3.22-community 7.4.6-r2 Antoine Martin (ayakael) <dev@ayakael.net> possibly vulnerable