CVE-2025-59289

About this tag
CVE-2025-59289 is a documented memory-corruption vulnerability in the Windows Bluetooth Service, classified as a use-after-free (UAF) issue. It allows a local attacker with limited privileges to escalate to NT AUTHORITY\SYSTEM. The flaw resides in privileged Bluetooth and device-brokering code, including components like the Connected Devices Platform Service. Microsoft has released security updates to address this elevation-of-privilege vulnerability. Users should apply the latest patches to mitigate the risk of local privilege escalation attacks targeting the Bluetooth stack.
  1. Windows Bluetooth UAF CVE-2025-59289: Patch and Mitigation Guide

    Microsoft’s Security Update Guide records CVE-2025-59289 as a memory‑corruption elevation‑of‑privilege issue affecting the Windows Bluetooth Service; public technical summaries and patch notes describe the root cause as a use‑after‑free (UAF) in privileged Bluetooth/device‑broker code that can...