You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cwe-862
About this tag
The tag cwe-862 on WindowsForum.com covers CWE-862, a missing authorization weakness. Content discusses CVE-2025-49723, a vulnerability in the Windows StateRepository API where a locally authorized attacker can exploit missing authorization checks to tamper with files and escalate privileges. The tag includes patch guidance and notes on CVE-number mismatches in public reporting. This is relevant for Windows administrators and security professionals managing enterprise IT environments, focusing on Windows security updates, vulnerability mitigation, and system hardening against local privilege escalation attacks.
Microsoft’s Security Update Guide entry for the StateRepository API points to a missing authorization check that can be abused by a locally authorized attacker to tamper with files and escalate privileges — but there’s an important CVE-number mismatch in public reporting that every admin must...