CVE-2025-49694
Published: 08 July 2025
Summary
CVE-2025-49694 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Microsoft Windows 11 24H2. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 21.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability CVE-2025-49694 is a null pointer dereference, tracked as CWE-476, in the Microsoft Brokering File System, a Windows component. It is rated 7.8 under CVSS 3.1, reflecting a local attack vector, low attack complexity, and high impact on confidentiality, integrity, and availability.
An authorized attacker with local access and low privileges can trigger the flaw without user interaction, resulting in elevation of privileges on the target system.
Microsoft's advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49694 supplies patch information and mitigation guidance for affected installations.
The associated EPSS score remains flat at 0.0111 with no material rise observed.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-20633
Vulnerability details
Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- CWE(s): CWE-476 (NULL Pointer Dereference)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.