CNNVD-202507-1099 Information

Jul 08, 2025 cve

CNNVD ID

CNNVD-202507-1099

CVE-2025-48823

  • CNNVD Published: 2025-07-08

Description (Chinese)

Microsoft Windows Cryptographic Services是美国微软(Microsoft)公司的加密服务提供程序。 Microsoft Windows Cryptographic Services存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Version 22H2 for ARM64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 23H2 for ARM64-based Systems,Windows 11 Version 23H2 for x64-based Systems,Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation)。

Description (English)

Microsoft Windows Crystal Services is an encryption service provider for Microsoft America. Microsoft Windows Crystal Services has a security gap. The attackers use that loophole to obtain sensitive information. The following products and versions are affected: Wows Service 2019, Wowow Service, Sow Service, Wow Service Service, Wow Service Service Service 2022, Silver Services Service 21H2 for Windows 10 Version 21H2 for ARM 64-Systems, Wows Service for Windows 22 H2 for Service, Wows Service for Service 64-Systeams, Wows Service for Service 20-Systems, Wows Service for Service 20-Sys Organization for Service 20-Sys, Wows Service for Service 10-Sysysys for Service 2-Sys2-Sys for Service 2-Sysys for Service 20-Sys for Service 2-Sys

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

微软

Published

2025-07-08

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48823

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48823

Share on: