CVE-2025-27462

EUVD-2025-210443
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]


The Windows PV drivers expose various facilities to userspace.  Several
of these have no security descriptor, and are therefore fully accessible
to unprivileged users.  These are:

  1. XenCons,  CVE-2025-27462
  2. XenIface, CVE-2025-27463
  3. XenBus,   CVE-2025-27464
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown