Improper access control in Windows MultiPoint Services (CVE-2025-54116) allows a locally authorized attacker to elevate their privileges on an affected host.
Executive summary
What it is: CVE-2025-54116 is an elevation-of-privilege (EoP) vulnerability in Microsoft’s Windows MultiPoint Services...