Detections
Analytics
CVE-2025-29824
high
Description
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
From the Tenable Blog
Microsoft’s April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)
Published: 2025-04-08
Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild.
References
https://www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/
https://thehackernews.com/2025/05/bianlian-and-ransomexx-exploit-sap.html
https://www.securityweek.com/second-ransomware-group-caught-exploiting-windows-flaw-as-zero-day/
https://thehackernews.com/2025/05/play-ransomware-exploited-windows-cve.html
https://www.securityweek.com/cisa-urges-urgent-patching-for-exploited-centrestack-windows-zero-days/
https://www.databreachtoday.com/microsoft-warns-ransomware-actors-exploiting-windows-flaw-a-27960
https://thehackernews.com/2025/04/pipemagic-trojan-exploits-windows-clfs.html
https://www.theregister.com/2025/04/08/patch_tuesday_microsoft/
https://www.securityweek.com/microsoft-patches-125-windows-vulns-including-exploited-clfs-zero-day/
https://www.helpnetsecurity.com/2025/04/08/patch-tuesday-microsoft-zero-day-cve-2025-29824/
https://therecord.media/microsoft-zero-day-used-ransomware-attack-real-estate
Details
Published: 2025-04-08
Updated: 2025-05-14
Named Vulnerability: ZTA Microsoft Windows Common Log File System (CLFS) Driver flawNamed Vulnerability: CLFS Zero-DayKnown Exploited Vulnerability (KEV)
Risk Information
CVSS v2
Base Score: 6.8
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
Severity: Medium
CVSS v3
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: High
EPSS
EPSS: 0.19164