Microsoft Windows up to Server 2025 GDI+ heap-based overflow
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.9 | $25k-$100k | 0.00 |
Summary
A vulnerability has been found in Microsoft Windows and classified as very critical. This affects an unknown function of the component GDI+. The manipulation leads to heap-based overflow. This vulnerability is traded as CVE-2025-53766. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
Details
A vulnerability was found in Microsoft Windows. It has been rated as very critical. This issue affects an unknown part of the component GDI+. The manipulation with an unknown input leads to a heap-based overflow vulnerability. Using CWE to declare the problem leads to CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). Impacted is confidentiality, integrity, and availability. The summary by CVE is:
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
The weakness was shared 08/12/2025 as confirmed security update guide (Website). It is possible to read the advisory at msrc.microsoft.com. The identification of this vulnerability is CVE-2025-53766. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $25k-$100k at the moment (estimation calculated on 11/22/2025).
The vulnerability scanner Nessus provides a plugin with the ID 249138 (KB5063875: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (August 2025)), which helps to determine the existence of the flaw in a target environment.
Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (249138), EUVD (EUVD-2025-24289) and CERT Bund (WID-SEC-2025-1790). Be aware that VulDB is the high quality source for vulnerability data.
Affected
- Hitachi Virtual Storage Platform
- Microsoft Windows Server 2022
- Microsoft Windows Server
- Microsoft Windows 10
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows 11
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2025
- Microsoft Windows
Product
Type
Vendor
Name
Version
- 10
- 10 21H2
- 10 22H2
- 10 1607
- 10 1809
- 11 22H2
- 11 23H2
- 11 24H2
- Microsoft Office
- Server 2008 R2 SP1
- Server 2008 SP2
- Server 2012
- Server 2012 R2
- Server 2016
- Server 2019
- Server 2022
- Server 2022 23H2
- Server 2025
License
Website
- Vendor: https://www.microsoft.com/
- Product: https://www.microsoft.com/en-us/windows
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔒VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.8VulDB Meta Temp Score: 8.9
VulDB Base Score: 9.8
VulDB Temp Score: 8.5
VulDB Vector: 🔒
VulDB Reliability: 🔍
Vendor Base Score (Microsoft): 9.8
Vendor Vector (Microsoft): 🔒
CNA Base Score: 9.8
CNA Vector (Microsoft): 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploiting
Class: Heap-based overflowCWE: CWE-122 / CWE-119
CAPEC: 🔒
ATT&CK: 🔒
Physical: No
Local: No
Remote: Yes
Availability: 🔒
Status: Unproven
EPSS Score: 🔒
EPSS Percentile: 🔒
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 249138
Nessus Name: KB5063875: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (August 2025)
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔒
0-Day Time: 🔒
Exposure Time: 🔒
Timeline
08/12/2025 VulDB entry created08/12/2025 Advisory disclosed
08/12/2025 Countermeasure disclosed
11/22/2025 VulDB entry last update
Sources
Vendor: microsoft.comProduct: microsoft.com
Advisory: msrc.microsoft.com
Status: Confirmed
CVE: CVE-2025-53766 (🔒)
GCVE (CVE): GCVE-0-2025-53766
GCVE (VulDB): GCVE-100-319679
EUVD: 🔒
CERT Bund: WID-SEC-2025-1790 - Microsoft Windows und Windows Server: Mehrere Schwachstellen
scip Labs: https://www.scip.ch/en/?labs.20161215
Entry
Created: 08/12/2025 20:01Updated: 11/22/2025 13:06
Changes: 08/12/2025 20:01 (35), 08/12/2025 20:04 (34), 08/13/2025 06:20 (2), 08/15/2025 00:09 (12), 08/16/2025 20:39 (1), 11/22/2025 13:06 (7)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.