CVE-2025-47987
Published: 08 July 2025
Summary
CVE-2025-47987 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 8.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2025-47987 is a heap-based buffer overflow vulnerability in the Windows Cred SSProvider Protocol. The issue, tracked under CWEs 122 and 190, arises from improper bounds checking that can corrupt memory during credential handling operations and carries a CVSS 3.1 score of 7.8 reflecting local attack vectors with low complexity.
An authorized attacker with low privileges on an affected Windows system can trigger the flaw locally without user interaction, resulting in elevation of privileges that grants full control over confidentiality, integrity, and availability on the host.
Microsoft has published official guidance for the vulnerability at its Security Response Center advisory page, directing administrators to apply the corresponding security updates when available.
The associated EPSS score sits at 0.0733 with no recorded rise from its peak value.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-20650
Vulnerability details
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.