Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows Server 2022 23h2
CPEs cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft windows 11 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows Server 2022 23h2

Mon, 15 Sep 2025 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft internet Information Services
Microsoft windows
Microsoft windows 11
Microsoft windows Server
Microsoft windows Server 2022
Microsoft windows Server 2025
Vendors & Products Microsoft
Microsoft internet Information Services
Microsoft windows
Microsoft windows 11
Microsoft windows Server
Microsoft windows Server 2022
Microsoft windows Server 2025

Tue, 09 Sep 2025 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Sep 2025 17:15:00 +0000

Type Values Removed Values Added
Description Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
Title HTTP.sys Denial of Service Vulnerability
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2025-09-25T23:10:57.710Z

Reserved: 2025-07-09T13:40:07.628Z

Link: CVE-2025-53805

cve-icon Vulnrichment

Updated: 2025-09-09T18:27:38.946Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-09T17:15:51.337

Modified: 2025-10-02T18:09:53.577

Link: CVE-2025-53805

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-15T10:44:06Z