Cyber Resilience

CVE-2025-50165

Critical

Published: 12 August 2025

Modified: 14 August 2025
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.2353 (96.1th percentile)
Risk Priority: 34 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-50165 is a critical-severity Untrusted Pointer Dereference (CWE-822) vulnerability in Microsoft Windows 11 24H2. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 3.9% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

The vulnerability CVE-2025-50165 is an untrusted pointer dereference weakness, tracked under CWEs 822 and 908, that affects the Microsoft Graphics Component. It carries a CVSS 3.1 base score of 9.8 and was published on 12 August 2025.

An unauthenticated attacker can exploit the flaw over a network with low attack complexity and no user interaction required, resulting in full confidentiality, integrity, and availability impact through arbitrary code execution. The current and peak EPSS scores both stand at 0.2353 with no material rise observed.

Microsoft has published an advisory for the issue at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50165. No information on real-world exploitation or other contextual factors is available in the supplied data.

Vulnerability details

Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190: Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote, unauthenticated network RCE in an exposed component directly matches initial access via exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21182 · Same product: Microsoft Windows 11 24H2
CVE-2025-21183 · Same product: Microsoft Windows 11 24H2
CVE-2025-21379 · Same product: Microsoft Windows 11 24H2
CVE-2025-62549 · Same product: Microsoft Windows 11 24H2
CVE-2025-21220 · Same product: Microsoft Windows 11 24H2
CVE-2026-32222 · Same product: Microsoft Windows 11 24H2
CVE-2026-21250 · Same product: Microsoft Windows 11 24H2
CVE-2026-40369 · Same product: Microsoft Windows 11 24H2
CVE-2026-20854 · Same product: Microsoft Windows 11 24H2
CVE-2025-21372 · Same product: Microsoft Windows 11 24H2

Affected Assets

microsoft · windows 11 24h2 · ≤ 10.0.26100.4851
microsoft · windows server 2025 · ≤ 10.0.26100.4851

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly mandates timely patching and flaw remediation for vulnerabilities like CVE-2025-50165 in the Microsoft Graphics Component.

prevent: Provides memory protection mechanisms such as ASLR, DEP, and stack guards to block exploitation of untrusted pointer dereference flaws.

prevent: Enforces network boundary protections to restrict unauthorized remote access required to exploit the graphics component vulnerability.
