CVE-2025-47984

Q: What is the severity of CVE-2025-47984?

CVE-2025-47984 has a CVSS score of 7.5 (HIGH). This vulnerability in Windows GDI (Graphics Device Interface) allows an unauthorized attacker to remotely access and disclose sensitive information from affected systems over a network. It affects Windows systems with GDI components exposed to network connections. Any Windows system with vulnerable GDI implementations is potentially at risk.

7.5 HIGH

📋 TL;DR

This vulnerability in Windows GDI (Graphics Device Interface) allows an unauthorized attacker to remotely access and disclose sensitive information from affected systems over a network. It affects Windows systems with GDI components exposed to network connections. Any Windows system with vulnerable GDI implementations is potentially at risk.

💻 Affected Systems

Products:

Microsoft Windows

Versions: Specific versions not yet detailed in public advisory

Operating Systems: Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022

Default Config Vulnerable: ⚠️ Yes

Notes: Systems with GDI network services enabled are vulnerable. Exact version ranges will be specified in Microsoft's security update.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with sensitive data exfiltration, including credentials, system information, and potentially enabling further attacks.

🟠

Likely Case

Information disclosure leading to data leakage, system fingerprinting, and potential reconnaissance for follow-on attacks.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthorized network access to GDI components.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires network access to vulnerable GDI services. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: To be determined from Microsoft's monthly security updates

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47984

Restart Required: Yes

Instructions:

1. Check for Windows Updates
2. Install all available security updates
3. Restart system if prompted
4. Verify update installation in Windows Update history

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to systems with GDI services

Disable Unnecessary GDI Network Services

windows

Disable GDI-related network services if not required

🧯 If You Can't Patch

Implement strict network access controls to limit exposure
Monitor for suspicious network traffic to/from GDI-related ports

🔍 How to Verify

Check if Vulnerable:

Check Windows Update for missing security patches related to CVE-2025-47984

Check Version:

wmic qfe list | findstr KB

Verify Fix Applied:

Verify KB update number from Microsoft's security bulletin is installed

📡 Detection & Monitoring

Log Indicators:

Unusual network connections to GDI-related services
Failed authentication attempts to GDI components

Network Indicators:

Suspicious traffic patterns to GDI service ports
Unexpected information disclosure over network

SIEM Query:

source="windows" AND (event_id=4625 OR event_id=5156) AND process_name="gdi*"

📊 Metadata

CVE ID: CVE-2025-47984

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-693

EPSS Score: 0.18% exploit probability (39.3th percentile)

Published: July 8, 2025

Last Updated: July 14, 2025

🔗 References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47984 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Windows 10 1507 by Microsoft

Windows 10 1507 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 11 22h2 by Microsoft

Windows 11 23h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2019 by Microsoft

Windows Server 2022 by Microsoft

Windows Server 2022 23h2 by Microsoft

Windows Server 2025 by Microsoft

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Disable Unnecessary GDI Network Services

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities