CVE-2025-48819

Publication date

2025-07-08 16:57:45

Family

microsoft

State

PUBLISHED

Description

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.