CVE-2025-47956

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-47956
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47956
Configurations

No configuration.

History

12 Jun 2025, 16:06

Type Values Removed Values Added
Summary
  • (es) El control externo del nombre o la ruta del archivo en la aplicaciĆ³n de seguridad de Windows permite que un atacante autorizado realice suplantaciĆ³n de identidad localmente.

10 Jun 2025, 17:24

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-10 17:24

Updated : 2025-06-12 16:06

NVD link : CVE-2025-47956

Mitre link : CVE-2025-47956

CVE.ORG link : CVE-2025-47956

JSON object : View

Products Affected

No product.

CWE
CWE-73

External Control of File Name or Path