Cyber Resilience

CVE-2025-49694

Severity: High
Published: 08 July 2025
Modified: 15 July 2025
KEV Added: not listed
Patch: see Microsoft advisory (link below)
CVSS Score (v3.1): 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0111 (78.6th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-49694 is a high-severity NULL pointer dereference (CWE-476) vulnerability in the Microsoft Brokering File System on Windows 11 24H2 (Windows Server 2022 23H2 and Windows Server 2025 are also listed as affected below). Its CVSS 3.1 base score is 7.8 (High).

Operationally, it ranks in the top 21.4% of CVEs by EPSS exploit likelihood (78.6th percentile); it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2025-49694 is a null pointer dereference, tracked as CWE-476, in the Microsoft Brokering File System, a Windows component. It is rated 7.8 under CVSS 3.1, reflecting a local attack vector, low attack complexity, low privileges required, no user interaction, and high impact on confidentiality, integrity, and availability.

A local, low-privileged attacker who is already authorized on the system can trigger the flaw without any user interaction, resulting in elevation of privilege on the target system.

Microsoft's advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49694 supplies patch information and mitigation guidance for affected installations.

The associated EPSS score remains flat at 0.0111, with no material rise observed since publication.

Vulnerability details

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CWE(s)

CWE-476: NULL Pointer Dereference

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor     Product                   Affected versions (up to and including)
microsoft  windows 11 24h2           10.0.26100.4652
microsoft  windows server 2022 23h2  10.0.25398.1732
microsoft  windows server 2025       10.0.26100.4652

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References

Microsoft Security Response Center advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49694