Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

July 8, 2025 invoker category_news

Security Update News

Update Information

Title Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Update ID MS:CVE-2025-48821
Type mscve
Published 2025-07-08T07:00:00
Last Updated 2025-07-08T07:00:00

Security Impact

CVSS Score 7.1
Severity HIGH

Affected CVEs

  • CVE-2025-48821

Update Details

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.