Return to CVE list

CVE-2025-27478

7.0

Critical

CVE-2025-27478

8 Apr 2025

secure@microsoft.com

Awaiting Analysis

View on MITRE Find on GitHub

Description

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

secure@microsoft.com

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27478