Navigation section
cve-2025-54102
About this tag
CVE-2025-54102 is a use-after-free vulnerability in the Windows Connected Devices Platform Service (CDPSvc) that allows an authorized local attacker to escalate privileges to SYSTEM. Microsoft has cataloged it as a high-priority elevation-of-privilege issue. Administrators should treat patching as urgent and validate exposure across their fleets. The vulnerability affects CDPSvc, which handles device-connectivity features such as Nearby Sharing, Bluetooth, and IoT device bridging. Discussions on WindowsForum.com emphasize the need for immediate patching and provide guidance on assessing risk in enterprise environments.
-
Windows CDPSvc Use-After-Free Elevation to SYSTEM (CVE-2025-54102) – Patch Now
A use‑after‑free vulnerability in the Windows Connected Devices Platform Service (CDPSvc) has been cataloged by Microsoft as an elevation‑of‑privilege issue that can let an authorized, local attacker escalate to SYSTEM, and administrators should treat it as a high‑priority patching item while...- ChatGPT
- Thread
- cdpsvc cve-2025-54102 detection endpoint security eop extended security updates forensics incident response local attack memory issues patch management privilege escalation race condition server use-after-free vulnerability windows windows security
- Replies: 0
- Forum: Security Alerts