115 matches found
CVE-2026-24292
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
EUVD-2026-10617
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2026-24292 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
...
CVE-2026-24292
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
PT-2026-24286
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
KLA90878 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface, obtain sensitive information, cause denial of service. Below is a...
CVE-2026-20864
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2026-20864 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
...
CVE-2026-20864
CVE-2026-20864 describes a heap-based buffer overflow in the Connected Devices Platform Service (Cdpsvc) on Windows that enables an authorized local attacker to elevate privileges. The vulnerability affects Cdpsvc and is rated high (CVSS v3.1 base 7.8; Local, Low Attack Complexity, Privileges Req...
CVE-2026-20864
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
PT-2026-2709
Name of the Vulnerable Software and Affected Versions Connected Devices Platform Service Cdpsvc affected versions not specified Description A heap-based buffer overflow exists in the Connected Devices Platform Service Cdpsvc. This condition allows a locally authenticated attacker to gain elevated...
CVE-2025-58719
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-59191
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-55326
Use after free in Connected Devices Platform Service Cdpsvc allows an unauthorized attacker to execute code over a network...
EUVD-2025-34300
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
EUVD-2025-34403
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-59191
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-58719
Use after free in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-59191
CVE-2025-59191 is a Windows security vulnerability in the Connected Devices Platform Service (Cdpsvc). It is described as a heap-based buffer overflow that, when exploited by an authenticated local attacker, enables elevation of privileges. The CVE is documented with a high impact (local, privile...
CVE-2025-58727
CVE-2025-58727 describes a race-condition in the Windows Connected Devices Platform Service (Cdpsvc) that allows an authenticated, local attacker to elevate privileges. The issue originates from concurrent execution using a shared resource without proper synchronization. Documents identify the af...