CVE-2025-49734 — Vulnetix

CVE-2025-49734 PUBLISHED

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

EPSS 0.12% · 31.3th percentile

Risk Scores

EPSS Score

0.12%

31.3th percentile

Affected Products

Vendor	Product	Versions
Bitnami	powershell	7.4.0, 7.5.0
Bitnami	powershell	7.4.0, 7.5.0

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
CIRCL seen: CVE-2025-49734 (circl-sighting)
CIRCL seen: CVE-2025-49734 (circl-sighting)
CIRCL seen: CVE-2025-49734 (circl-sighting)
PowerShell Direct Elevation of Privilege Vulnerability (circl)

Timeline

Sep 9, 2025 CVE Published
Sep 9, 2025 Coalition ESS Score
Sep 9, 2025 PoC Published
Sep 9, 2025 PoC Published
Sep 10, 2025 EPSS Score
Sep 10, 2025 PoC Published
Sep 11, 2025 Coalition ESS Score
Sep 17, 2025 EPSS Score
Sep 25, 2025 EPSS Score
Oct 2, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›