CVE-2025-55248
📊 4.8 MEDIUM⚡ 0.0%🎯 0 exploits
📅 Published Oct 14, 2025
📋 Status: Analyzed
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
61 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
📱App | microsoft | .net framework | 3.5.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 23h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 24h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 25h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 23h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1809 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1809 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* |
💻OS | microsoft | windows 10 1809 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1809 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.0 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
📱App | microsoft | .net | ≥ 8.0.0 ∧ < 8.0.21 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
📱App | microsoft | .net | ≥ 9.0.0 ∧ < 9.0.10 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
💻OS | apple | macos | All versions | Not Vulnerable | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
💻OS | linux | linux kernel | All versions | Not Vulnerable | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.10.0 ∧ < 17.10.20 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.12.0 ∧ < 17.12.13 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.14.0 ∧ < 17.14.17 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
📱
VulnerableApplication
Version: 3.5.1
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.0
CPE:
cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
Version: ≥ 8.0.0 ∧ < 8.0.21
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
Version: ≥ 9.0.0 ∧ < 9.0.10
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.10.0 ∧ < 17.10.20
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.12.0 ∧ < 17.12.13
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.14.0 ∧ < 17.14.17
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
61 products•scroll for more
Metrics
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
Attack Vector:
NETWORK
Complexity:
HIGH
Privileges:
LOW
User Interaction:
REQUIRED
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
4.8 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)5.7th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Oct 14, 2025 (18 days ago)
Last Modified
Oct 23, 2025 (9 days ago)
Security Weaknesses1
CWE-326
References2
NVDadvisory