CVE-2025-24055

Q: What is the severity of CVE-2025-24055?

CVE-2025-24055 has a CVSS score of 4.3 (MEDIUM). An out-of-bounds read vulnerability in the Windows USB Video Driver allows an authorized attacker with physical access to read sensitive information from kernel memory. This affects Windows systems with USB video devices connected. The attacker must have physical access to the target system.

4.3 MEDIUM

📋 TL;DR

An out-of-bounds read vulnerability in the Windows USB Video Driver allows an authorized attacker with physical access to read sensitive information from kernel memory. This affects Windows systems with USB video devices connected. The attacker must have physical access to the target system.

💻 Affected Systems

Products:

Windows USB Video Driver

Versions: Specific Windows versions as listed in Microsoft advisory

Operating Systems: Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022

Default Config Vulnerable: ⚠️ Yes

Notes: Requires USB video device to be connected and driver loaded. Physical access to the system is necessary for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with physical access could read kernel memory containing sensitive information like passwords, encryption keys, or other system data, potentially leading to further system compromise.

🟠

Likely Case

Limited information disclosure from kernel memory, potentially revealing system state information but not full system compromise.

🟢

If Mitigated

With proper physical security controls, the risk is minimal as physical access is required for exploitation.

🌐 Internet-Facing: LOW - Requires physical access to the system, not remotely exploitable.

🏢 Internal Only: MEDIUM - Physical access required, but could be exploited by malicious insiders or visitors with physical access to vulnerable systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires physical access and authorized access to the system. The attacker needs to interact with the USB video device driver.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Microsoft Security Update Guide for specific KB numbers

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24055

Restart Required: Yes

Instructions:

1. Open Windows Update settings
2. Check for updates
3. Install all available security updates
4. Restart the system when prompted

🔧 Temporary Workarounds

Disable USB video devices

windows

Prevent loading of vulnerable USB video driver by disabling USB video devices

Device Manager > Universal Serial Bus controllers > Right-click USB Video Device > Disable device

Restrict physical access

all

Implement physical security controls to prevent unauthorized physical access to systems

🧯 If You Can't Patch

Implement strict physical security controls and access monitoring
Disconnect unnecessary USB video devices and disable the driver in Device Manager

🔍 How to Verify

Check if Vulnerable:

Check Windows Update history for the specific KB patch mentioned in Microsoft advisory

Check Version:

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Verify Fix Applied:

Verify the security update is installed via Windows Update history or systeminfo command

📡 Detection & Monitoring

Log Indicators:

USB device connection logs
Driver loading events in System logs
Unexpected USB video device access

Network Indicators:

Not applicable - physical access required

SIEM Query:

EventID=6416 OR EventID=20001 OR DeviceClass='USBVideo' in Windows Event Logs

📊 Metadata

CVE ID: CVE-2025-24055

CVSS v3 Score: 4.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-125

EPSS Score: 0.26% exploit probability (48.5th percentile)

Published: March 11, 2025

Last Updated: July 2, 2025

🔗 References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24055 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Windows 10 1507 by Microsoft

Windows 10 1507 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 11 22h2 by Microsoft

Windows 11 23h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2019 by Microsoft

Windows Server 2022 by Microsoft

Windows Server 2022 by Microsoft

Windows Server 2022 23h2 by Microsoft

Windows Server 2025 by Microsoft

Windows Server 2025 by Microsoft

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable USB video devices

Restrict physical access

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities