CVE-2025-24985 (GCVE-0-2025-24985)
Vulnerability from cvelistv5
Published
2025-03-11 16:59
Modified
2025-07-30 01:36
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
CWE
  • CWE-190 - Integer Overflow or Wraparound
  • CWE-122 - Heap-based Buffer Overflow
Summary
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Version: 10.0.17763.0   < 10.0.17763.7009
 Create a notification for this product.
   Microsoft Windows Server 2019 Version: 10.0.17763.0   < 10.0.17763.7009
 Create a notification for this product.
   Microsoft Windows Server 2019 (Server Core installation) Version: 10.0.17763.0   < 10.0.17763.7009
 Create a notification for this product.
   Microsoft Windows Server 2022 Version: 10.0.20348.0   < 10.0.20348.3328
 Create a notification for this product.
   Microsoft Windows 10 Version 21H2 Version: 10.0.19044.0   < 10.0.19044.5608
 Create a notification for this product.
   Microsoft Windows 11 version 22H2 Version: 10.0.22621.0   < 10.0.22621.5039
 Create a notification for this product.
   Microsoft Windows 10 Version 22H2 Version: 10.0.19045.0   < 10.0.19045.5608
 Create a notification for this product.
   Microsoft Windows Server 2025 (Server Core installation) Version: 10.0.26100.0   < 10.0.26100.3476
 Create a notification for this product.
   Microsoft Windows 11 version 22H3 Version: 10.0.22631.0   < 10.0.22631.5039
 Create a notification for this product.
   Microsoft Windows 11 Version 23H2 Version: 10.0.22631.0   < 10.0.22631.5039
 Create a notification for this product.
   Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Version: 10.0.25398.0   < 10.0.25398.1486
 Create a notification for this product.
   Microsoft Windows 11 Version 24H2 Version: 10.0.26100.0   < 10.0.26100.3476
 Create a notification for this product.
   Microsoft Windows Server 2025 Version: 10.0.26100.0   < 10.0.26100.3476
 Create a notification for this product.
   Microsoft Windows 10 Version 1507 Version: 10.0.10240.0   < 10.0.10240.20947
 Create a notification for this product.
   Microsoft Windows 10 Version 1607 Version: 10.0.14393.0   < 10.0.14393.7876
 Create a notification for this product.
   Microsoft Windows Server 2016 Version: 10.0.14393.0   < 10.0.14393.7876
 Create a notification for this product.
   Microsoft Windows Server 2016 (Server Core installation) Version: 10.0.14393.0   < 10.0.14393.7876
 Create a notification for this product.
   Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.6003.0   < 6.0.6003.23168
 Create a notification for this product.
   Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Version: 6.0.6003.0   < 6.0.6003.23168
 Create a notification for this product.
   Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.6003.0   < 6.0.6003.23168
 Create a notification for this product.
   Microsoft Windows Server 2008 R2 Service Pack 1 Version: 6.1.7601.0   < 6.1.7601.27618
 Create a notification for this product.
   Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Version: 6.1.7601.0   < 6.1.7601.27618
 Create a notification for this product.
   Microsoft Windows Server 2012 Version: 6.2.9200.0   < 6.2.9200.25368
 Create a notification for this product.
   Microsoft Windows Server 2012 (Server Core installation) Version: 6.2.9200.0   < 6.2.9200.25368
 Create a notification for this product.
   Microsoft Windows Server 2012 R2 Version: 6.3.9600.0   < 6.3.9600.22470
 Create a notification for this product.
   Microsoft Windows Server 2012 R2 (Server Core installation) Version: 6.3.9600.0   < 6.3.9600.22470
 Create a notification for this product.
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2025-03-11

Due date: 2025-04-01

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24985 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24985

Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24985",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-14T03:55:30.967858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-03-11",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24985"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:36:17.341Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2025-03-11T00:00:00+00:00",
            "value": "CVE-2025-24985 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-29T13:49:19.002Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-mitigation-script"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-detection-script"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.7009",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.7009",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.7009",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.3328",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.5608",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.5039",
              "status": "affected",
              "version": "10.0.22621.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.5608",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.3476",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 22H3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.5039",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.5039",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.1486",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.3476",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.3476",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.20947",
              "status": "affected",
              "version": "10.0.10240.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7876",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7876",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7876",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23168",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23168",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008  Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23168",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.27618",
              "status": "affected",
              "version": "6.1.7601.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.27618",
              "status": "affected",
              "version": "6.1.7601.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25368",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25368",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22470",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22470",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.7009",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.7009",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.7009",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.3328",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.5608",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22621.5039",
                  "versionStartIncluding": "10.0.22621.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.5608",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.3476",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22631.5039",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22631.5039",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.1486",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.3476",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.3476",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.10240.20947",
                  "versionStartIncluding": "10.0.10240.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.7876",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7876",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7876",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.0.6003.23168",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.0.6003.23168",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "6.0.6003.23168",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.1.7601.27618",
                  "versionStartIncluding": "6.1.7601.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.1.7601.27618",
                  "versionStartIncluding": "6.1.7601.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25368",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25368",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22470",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22470",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2025-03-11T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en-US",
              "type": "CWE"
            },
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-19T21:38:20.450Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Fast FAT File System Driver Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985"
        }
      ],
      "title": "Windows Fast FAT File System Driver Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2025-24985",
    "datePublished": "2025-03-11T16:59:18.750Z",
    "dateReserved": "2025-01-30T15:14:20.992Z",
    "dateUpdated": "2025-07-30T01:36:17.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2025-24985",
      "cwes": "[\"CWE-190\", \"CWE-122\"]",
      "dateAdded": "2025-03-11",
      "dueDate": "2025-04-01",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24985 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24985",
      "product": "Windows",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-24985\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2025-03-11T17:16:34.303\",\"lastModified\":\"2025-05-29T16:31:56.417\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.\"},{\"lang\":\"es\",\"value\":\"El desbordamiento de enteros o el envoltura en el controlador Fast FAT de Windows permite que un atacante no autorizado ejecute c\u00f3digo localmente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2025-03-11\",\"cisaActionDue\":\"2025-04-01\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-190\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.10240.20947\",\"matchCriteriaId\":\"6997DE6E-CBAD-4690-A68C-8F10E477DCC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.10240.20947\",\"matchCriteriaId\":\"3CBCF6D9-5085-473C-82F5-98BC246A9C4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.7876\",\"matchCriteriaId\":\"0CF0E174-4692-4AA3-B72E-12E73A1BDBE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.7876\",\"matchCriteriaId\":\"340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.7009\",\"matchCriteriaId\":\"67C8DCD7-90C4-431F-BD03-FDFDE170E748\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.7009\",\"matchCriteriaId\":\"05169574-28AB-4E42-B3DE-710574BB1AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.5608\",\"matchCriteriaId\":\"83256070-991F-404C-AE4C-CBB46166CA67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.5608\",\"matchCriteriaId\":\"A1F779E2-8536-4B06-A151-6115C9D88D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.5039\",\"matchCriteriaId\":\"0B27CE48-66A0-488B-A7B6-18A5A191AFDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22631.5039\",\"matchCriteriaId\":\"77DC7D9D-F85F-41B4-A944-D27B388A1157\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.26100.3476\",\"matchCriteriaId\":\"749B3071-291A-456E-90D5-4B0061B40064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*\",\"matchCriteriaId\":\"2127D10C-B6F3-4C1D-B9AA-5D78513CC996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*\",\"matchCriteriaId\":\"AB425562-C0A0-452E-AABE-F70522F15E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.14393.7876\",\"matchCriteriaId\":\"C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.7009\",\"matchCriteriaId\":\"D271422D-A29F-4DBF-BF72-BCD90E393A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.3328\",\"matchCriteriaId\":\"C1426FF0-A402-4149-9F2B-0FA3CEB4BB5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.25398.1486\",\"matchCriteriaId\":\"96046A7B-76A1-4DCF-AEA5-25344D37E492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.3476\",\"matchCriteriaId\":\"DFE44B43-DB8C-46E0-8344-C22ED7406A50\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-detection-script\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-mitigation-script\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"Windows Fast FAT File System Driver Remote Code Execution Vulnerability\", \"datePublic\": \"2025-03-11T07:00:00.000Z\", \"cpeApplicability\": [{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"versionStartIncluding\": \"10.0.17763.0\", \"versionEndExcluding\": \"10.0.17763.7009\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.17763.0\", \"versionEndExcluding\": \"10.0.17763.7009\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.17763.0\", \"versionEndExcluding\": \"10.0.17763.7009\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.20348.0\", \"versionEndExcluding\": \"10.0.20348.3328\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"versionStartIncluding\": \"10.0.19044.0\", \"versionEndExcluding\": \"10.0.19044.5608\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*\", \"versionStartIncluding\": \"10.0.22621.0\", \"versionEndExcluding\": \"10.0.22621.5039\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"10.0.19045.0\", \"versionEndExcluding\": \"10.0.19045.5608\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.26100.0\", \"versionEndExcluding\": \"10.0.26100.3476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"versionStartIncluding\": \"10.0.22631.0\", \"versionEndExcluding\": \"10.0.22631.5039\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"10.0.22631.0\", \"versionEndExcluding\": \"10.0.22631.5039\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.25398.0\", \"versionEndExcluding\": \"10.0.25398.1486\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"versionStartIncluding\": \"10.0.26100.0\", \"versionEndExcluding\": \"10.0.26100.3476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.26100.0\", \"versionEndExcluding\": \"10.0.26100.3476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"versionStartIncluding\": \"10.0.10240.0\", \"versionEndExcluding\": \"10.0.10240.20947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"versionStartIncluding\": \"10.0.14393.0\", \"versionEndExcluding\": \"10.0.14393.7876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.14393.0\", \"versionEndExcluding\": \"10.0.14393.7876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.14393.0\", \"versionEndExcluding\": \"10.0.14393.7876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.0.6003.0\", \"versionEndExcluding\": \"6.0.6003.23168\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.0.6003.0\", \"versionEndExcluding\": \"6.0.6003.23168\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*\", \"versionStartIncluding\": \"6.0.6003.0\", \"versionEndExcluding\": \"6.0.6003.23168\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.1.7601.0\", \"versionEndExcluding\": \"6.1.7601.27618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.1.7601.0\", \"versionEndExcluding\": \"6.1.7601.27618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.2.9200.0\", \"versionEndExcluding\": \"6.2.9200.25368\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.2.9200.0\", \"versionEndExcluding\": \"6.2.9200.25368\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.3.9600.0\", \"versionEndExcluding\": \"6.3.9600.22470\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"versionStartIncluding\": \"6.3.9600.0\", \"versionEndExcluding\": \"6.3.9600.22470\"}]}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7009\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7009\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7009\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.3328\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.19044.0\", \"lessThan\": \"10.0.19044.5608\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H2\", \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.22621.0\", \"lessThan\": \"10.0.22621.5039\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"platforms\": [\"x64-based Systems\", \"ARM64-based Systems\", \"32-bit Systems\"], \"versions\": [{\"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.5608\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3476\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"platforms\": [\"ARM64-based Systems\"], \"versions\": [{\"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.5039\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.5039\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.1486\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3476\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3476\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1507\", \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.10240.0\", \"lessThan\": \"10.0.10240.20947\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1607\", \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7876\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7876\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7876\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2\", \"platforms\": [\"32-bit Systems\"], \"versions\": [{\"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.23168\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2 (Server Core installation)\", \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.23168\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008  Service Pack 2\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.23168\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.27618\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.27618\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25368\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25368\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22470\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2 (Server Core installation)\", \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22470\", \"versionType\": \"custom\", \"status\": \"affected\"}]}], \"descriptions\": [{\"value\": \"Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.\", \"lang\": \"en-US\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"CWE-190: Integer Overflow or Wraparound\", \"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-190\"}, {\"description\": \"CWE-122: Heap-based Buffer Overflow\", \"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-122\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-05-19T21:38:20.450Z\"}, \"references\": [{\"name\": \"Windows Fast FAT File System Driver Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\"], \"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985\"}], \"metrics\": [{\"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}], \"cvssV3_1\": {\"version\": \"3.1\", \"baseSeverity\": \"HIGH\", \"baseScore\": 7.8, \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C\"}}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-05-29T13:49:19.002Z\"}, \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-mitigation-script\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-detection-script\"}], \"title\": \"CVE Program Container\", \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-24985\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-14T03:55:30.967858Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2025-03-11\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24985\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-11T17:27:21.353Z\"}, \"timeline\": [{\"time\": \"2025-03-11T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2025-24985 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-24985\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"microsoft\", \"dateReserved\": \"2025-01-30T15:14:20.992Z\", \"datePublished\": \"2025-03-11T16:59:18.750Z\", \"dateUpdated\": \"2025-07-30T01:25:33.377Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.