You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-50159
About this tag
CVE-2025-50159 is a local privilege elevation vulnerability in the Windows PPP EAP-TLS implementation, confirmed by Microsoft. The flaw is a use-after-free bug in the Remote Access Point-to-Point Protocol EAP-TLS component, which allows an authorized local attacker to elevate privileges on affected Windows systems. EAP-TLS is widely used for certificate-based authentication in enterprise VPNs and 802.1X network access. Administrators should prioritize patching and risk mitigation for this vulnerability. Discussions on WindowsForum.com cover the technical details, affected systems, and recommended actions to address CVE-2025-50159.
Microsoft’s security advisory confirms a use-after-free flaw in the Remote Access Point-to-Point Protocol (PPP) EAP-TLS implementation that can allow an authorized local attacker to elevate privileges on affected Windows systems, and administrators must treat this as a priority patching and...