BIT-powershell-2025-49734

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/powershell/BIT-powershell-2025-49734.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-powershell-2025-49734

Aliases

CVE-2025-49734

Published

2025-10-03T08:49:03.988Z

Modified

2025-10-03T09:27:28.310612Z

Summary

PowerShell Direct Elevation of Privilege Vulnerability

Details

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

Database specific

{
    "severity": "High",
    "cpes": [
        "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*"
    ]
}

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49734
https://nvd.nist.gov/vuln/detail/CVE-2025-49734

Affected packages

Bitnami / powershell

Package

Name: powershell
Purl: pkg:bitnami/powershell

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

7.4.0

Fixed

7.4.12

Introduced

7.5.0

Fixed

7.5.3