CNNVD-202507-1116 Information

Jul 08, 2025 cve

CNNVD ID

CNNVD-202507-1116

CVE-2025-49684

  • CNNVD Published: 2025-07-08

Description (Chinese)

Microsoft Windows Storage Port Driver是美国微软(Microsoft)公司的一种系统提供的存储端口驱动程序,特别适用于高性能总线,例如通过光纤通道(FC)或 FC 总线和 RAID 适配器使用 NVMe。 Microsoft Windows Storage Port Driver存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 23H2 for x64-based Systems,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2012 R2,Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2012 R2 (Server Core installation)。

Description (English)

Microsoft Windows Port Driver is a storage port driver provided by a system of Microsoft (MSC) in the United States, especially for high-performance buses, such as the use of NVME through fibre-optic channels (FC) or FC bus and RAID adapters. There is a security gap in Microsoft Windows Port Driver. The attackers use that loophole to obtain sensitive information. The following products and versions have been affected: Windows Service 2019, Windows Service 2019, Windows Service 2012 (West Service, Service Service 2 for Service 64 for Service 2022, Windows Service 2022 for Service 21H2 for 32-bit Systems, Windows 10 for Service 21H2 for 64-basted Systems, Windows 11 for Service 2 for Service 2025, Service for Service 2 for Service 7 for Service 5 for Service 5 for Service 5 for Service 5 for Service 10 for Service 5 for Service 5 for Service 5 for Service 5 for Service 10 for Service 5 for Service 5 for Service 5 for Service 5 for Service 10 for Service 2 for Service 2 for Service 2 for Service 2 for Service 2 for Service 2 for Service 10 for Service 10 for Service 2 for Service 2 for Service 2 for Service 2 for Service 10 for Service 10 for Service 2 for Service 2 for Service, and Services for Service 2 for Service 2 for Service 2 for Service 2 for Service 2 for Service, 7 for Service for Service 2 for Service 2 for Service 7 for Service 7 for Service for Service 5 for Service 5 for Service

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

微软

Published

2025-07-08

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49684

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49684

Share on: