CVE-2025-27484

Publication date

2025-04-08 17:23:58

Family

microsoft

State

PUBLISHED

Description

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.