4 matches found
CVE-2024-28916
CVE-2024-28916 is documented as an elevation-of-privilege vulnerability affecting Xbox Gaming Services. The main affected product is Xbox Gaming Services; exploitation would grant higher privileges on the target system, with a local attack vector and no user interaction required per CVSS metrics....
CVE-2025-55242
CVE-2025-55242 affects Xbox Gaming Services/Xbox (Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability). Description: exposure of sensitive information to an unauthorized actor over a network. Affected component is related to Xbox Gaming Services; root cause described as an ...
CVE-2025-55245
CVE-2025-55245 affects Microsoft Xbox Gaming Services and is caused by improper link resolution before file access ("link following"), enabling an authorized local attacker to elevate privileges. The vulnerability is mapped to a local attack vector with high impact on confidentiality, integrity, ...
CVE-2025-59281
Xbox Gaming Services suffers an elevation of privilege via improper link resolution before file access ("link following"). An authorized local attacker can escalate to higher privileges. CVSSv3.1 base score 7.8 (HIGH); attack vector LOCAL, privileges required LOW, no user interaction. Remediation...