You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ssdp vulnerability
About this tag
The ssdp vulnerability tag covers security flaws in the Windows Simple Service Discovery Protocol (SSDP) Service, a component of the UPnP/SSDP stack used for discovering network devices. Recent discussions focus on CVE-2025-59196, a high-severity elevation-of-privilege vulnerability caused by a race condition, and CVE-2025-47976, a critical use-after-free issue. Both allow authorized local users to escalate privileges, potentially gaining SYSTEM-level access. Topics include advisory details, exploitation mechanisms, and mitigation strategies for protecting affected Windows systems.
Microsoft has published an advisory for CVE-2025-59196: a high‑severity elevation‑of‑privilege vulnerability in the Windows Simple Service Discovery Protocol (SSDP) Service that, according to public trackers, is caused by a race condition allowing an authorized local user to escalate privileges...
The Windows Simple Service Discovery Protocol (SSDP) Service has been identified with a critical vulnerability, designated as CVE-2025-47976. This flaw is a use-after-free issue that allows authorized attackers to elevate their privileges locally, potentially gaining SYSTEM-level access...