{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T04:19:51.647","vulnerabilities":[{"cve":{"id":"CVE-2025-60707","sourceIdentifier":"secure@microsoft.com","published":"2025-11-11T18:15:38.570","lastModified":"2025-12-16T18:16:13.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"16F25469-D606-4A71-9A94-C10E1D08B231"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"1A6A1513-48D5-4D4D-97F1-BFDAE4DC9396"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19044.6575","matchCriteriaId":"EB5C0945-7EA1-4874-98E7-4234D85E0C0D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.19045.6575","matchCriteriaId":"655C5458-E6FB-408D-BCB4-0D28F8283D55"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.6199","matchCriteriaId":"0752A377-F96A-4B2F-B542-A9A9665AB913"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.7092","matchCriteriaId":"4345F25E-DF90-4CB2-B310-F82E08502815"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26200.7092","matchCriteriaId":"5A547AA3-FC6B-46D9-8D22-995C3CA33140"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8027","matchCriteriaId":"970E52EF-A858-4132-9D8C-4B31E169002C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.4346","matchCriteriaId":"5791ADD5-7D67-4659-9DA2-09337A1D82C1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1965","matchCriteriaId":"256174B8-134D-44F5-9497-408AC51DE5DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.7092","matchCriteriaId":"69424DAF-E9EA-4B50-80EC-5BAA97DEB772"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60707","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-60707-detection-script-eop-vulnerability-in-multimedia-class-scheduler-service-by-microsoft","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-60707-mitigation-script-eop-vulnerability-in-multimedia-class-scheduler-service-by-microsoft","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}