CNNVD-202509-1174 Information

Sep 09, 2025 cve

CNNVD ID

CNNVD-202509-1174

CVE-2025-49734

  • CNNVD Published: 2025-09-09

Description (Chinese)

Microsoft Windows PowerShell是美国微软(Microsoft)公司的一种命令行外壳程序和脚本环境,使命令行用户和脚本编写者可以利用 .NET Framework的强大功能。 Microsoft Windows PowerShell存在安全漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Version 22H2 for ARM64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 23H2 for ARM64-based Systems,Windows 11 Version 23H2 for x64-based Systems,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation)。

Description (English)

Microsoft Windows PowerShell is an American Microsoft (MSC) command-script shell program and scrip environment that allows the command-script user and script writer to take advantage of the powerful functions of .NET Framework. Microsoft Windows PowerShell has a security gap. The attackers use this loophole to enhance their authority. The following products and versions are affected: Wowows; Wows; Wows; Wows; Vows; Wows; Vows; Vows; Vows; Vows; Vows; Vows; Vows; Vows; Vows; Vows; Vows; Wows;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;ss;s;s;ss;s;s;s;s;s;ss;s;s;s;s;s;s;s;s;s;s;s;s;s;s;s;ss;s;s

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

微软

Published

2025-09-09

Last Modified

2026-02-24

References

https://vigilance.fr/vulnerability/Microsoft-Windows-PowerShell-privilege-escalation-via-Hyper-V-48208 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49734

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49734

Share on: