CVE-2025-49734
- Source
- https://cve.org/CVERecord?id=CVE-2025-49734
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-49734.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-49734
- Aliases
- Published
- 2025-09-09T17:15:48.057Z
- Modified
- 2026-03-09T23:51:01.678188Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
- References
Affected packages
Git / github.com/powershell/powershell
Affected versions
v7.*
v7.4.0
v7.4.1
v7.4.10
v7.4.11
v7.4.2
v7.4.3
v7.4.4
v7.4.5
v7.4.6
v7.4.7
v7.4.8
v7.4.9
v7.5.0
v7.5.1
v7.5.2
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.14393.8422"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.14393.8422"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.17763.7792"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.17763.7792"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.19044.6332"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.19045.6332"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.22621.5909"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.22631.5909"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.26100.6508"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.14393.8422"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.17763.7792"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.20348.4106"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.25398.1849"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.26100.6508"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-49734.json"