VDB
WID-SEC-W-2025-2307
WID-SEC-W-2025-2307
PUBLISHED
Windows ist ein Betriebssystem von Microsoft. Windows Server 2016 ist ein Betriebssystem von Microsoft. Windows Server 2019 ist ein Betriebssystem von Microsoft.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Windows Server 2008 SP2 | ||
| Microsoft Windows 10 Version 21H2 | ||
| Microsoft Windows Server 2012 R2 | ||
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2025 | ||
| Microsoft Windows Server 2022 | ||
| Microsoft Windows 11 Version 24H2 | ||
| Microsoft Windows 11 Version 25H2 | ||
| Microsoft Windows Server 2008 R2 SP1 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 11 Version 22H2 | ||
| Microsoft Windows Server 2022 23H2 Edition | ||
| Microsoft Windows 10 Version 22H2 | ||
| Microsoft Windows 10 Version 1607 | ||
| Microsoft Windows 10 Version 1809 | ||
| Microsoft Windows Remote Desktop client for Desktop | ||
| Microsoft Windows Server 2016 | ||
| Microsoft Windows 11 Version 23H2 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows App Client for Desktop |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2307.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2307 (circl)
- https://msrc.microsoft.com/update-guide/ (circl)
- https://hawktrace.com/blog/CVE-2025-59287-UNAUTH (circl)
- https://securityaffairs.com/183830/security/cve-2025-59287-microsoft-fixes-critical-wsus-flaw-under-active-attack.html (circl)
- https://ssd-disclosure.com/cloud-filter-arbitrary-file-creation-eop-patch-bypass-lpe/ (circl)
- mkdocs.yml (github-poc)
Timeline
- Oct 14, 2025 CVE Published
- Nov 5, 2025 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2307.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2307 advisory
- https://msrc.microsoft.com/update-guide/ url
- https://hawktrace.com/blog/CVE-2025-59287-UNAUTH url
- https://securityaffairs.com/183830/security/cve-2025-59287-microsoft-fixes-critical-wsus-flaw-under-active-attack.html url
- https://ssd-disclosure.com/cloud-filter-arbitrary-file-creation-eop-patch-bypass-lpe/ url