CVE-2025-62572 - Vulnerability Details

- Application Information Service Elevation of Privilege Vulnerability

Description

Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.

Published: 2025-12-09

Score: 7.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

Out-of-bounds read in Application Information Services can be leveraged by an attacker with local authorized access to read memory beyond intended bounds. This flaw allows the attacker to gain privileges higher than those granted, potentially enabling execution of arbitrary code or full system control. The vulnerability is classified under CWE‑125, highlighting a failure to prevent memory overreads that can compromise integrity of the operating system.

Affected Systems

The flaw affects Microsoft Windows 11 versions 24H2 and 25H2 on both standard and arm64 architectures, as well as Microsoft Windows Server 2025, including Server Core installations. Exact service names are not listed, but the vulnerability resides in the Windows Application Information Service component across these releases.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity, while the EPSS score of less than 1% suggests a low likelihood of widespread exploitation at this time. The vulnerability is not currently catalogued in CISA KEV. The attack vector is local; an attacker already authenticated to the system must exploit the out‑of‑bounds read in the Application Information Service to elevate privileges. Because the flaw is memory‑related, it is likely easier to exploit than more complex remote code paths, but the requirement for local authorization limits its scope to compromised or privileged hosts.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Microsoft

Windows 11 Version 24H2

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.7462

Microsoft

Windows 11 Version 25H2

affected

Version	Status	Constraints
`10.0.26200.0`	affected	< 10.0.26200.7462

Microsoft

Windows Server 2025

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.7462

Microsoft

Windows Server 2025 (Server Core installation)

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.7462

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_11_24h2::::::::
	cpe:2.3:o:microsoft:windows_11_25h2::::::::
	cpe:2.3:o:microsoft:windows_server_2025::::::::

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Microsoft update for Windows 11 24H2, Windows 11 25H2, and Windows Server 2025, as outlined in the MSRC advisory
If immediate patching is not possible, enforce least privilege by restricting the Application Information Service to non‑privileged accounts and disable the service on systems where it is not required
Monitor privileged accounts and sign‑off any changes to the Application Information Service configuration to prevent unauthorized privilege elevation

Generated by OpenCVE AI on April 20, 2026 at 15:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00106.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62572

History

Wed, 10 Dec 2025 19:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft windows 11 24h2 Microsoft windows 11 25h2
CPEs		cpe:2.3:o:microsoft:windows_11_24h2:::::::: cpe:2.3:o:microsoft:windows_11_25h2::::::::
Vendors & Products		Microsoft windows 11 24h2 Microsoft windows 11 25h2

Tue, 09 Dec 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 09 Dec 2025 18:15:00 +0000

Type	Values Removed	Values Added
Description		Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.
Title		Application Information Service Elevation of Privilege Vulnerability
First Time appeared		Microsoft Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2025
Weaknesses		CWE-125
CPEs		cpe:2.3:o:microsoft:windows_11_24H2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_25H2:::::::arm64:* cpe:2.3:o:microsoft:windows_server_2025::::::::
Vendors & Products		Microsoft Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2025
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62572
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}`

Subscriptions

Microsoft Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows Server 2025

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2025-12-09T17:55:42.528Z

Updated: 2026-04-16T14:18:37.712Z

Reserved: 2025-10-15T17:11:21.222Z

Link: CVE-2025-62572

Vulnrichment

Updated: 2025-12-09T20:16:44.141Z

NVD

Status : Analyzed

Published: 2025-12-09T18:16:03.520

Modified: 2025-12-10T19:20:43.103

Link: CVE-2025-62572

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T16:00:10Z

Weaknesses

CWE-125

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object