CVE-2025-47972 - CERT CVE

  1. CVE-2025-47972

ID CVE-2025-47972
Sažetak Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.
Reference
CVSS
Base: 8.0
Impact: 6.0
Exploitability:1.3
Pristup
VektorSloženostAutentikacija
NETWORK HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 10-07-2025 - 13:19
Objavljeno 08-07-2025 - 17:15