CVE-2025-62208

Description

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

CVSS Details

CVSS Score

5.5

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* - VULNERABLE

cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* - VULNERABLE

cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* - VULNERABLE

cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* - VULNERABLE

cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* - VULNERABLE

Windows 10

Windows 11

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

powershell
# 示例PoC代码
# 读取Windows License Manager日志
Get-Content $env:SystemRoot\System32\wlms\wlms.txt

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-62208
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-62208
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-62208/
[4] VulDB https://vuldb.com/cve/CVE-2025-62208
[5] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62208

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-62208", "sourceIdentifier": "[email protected]", "published": "2025-11-11T18:15:47.923", "lastModified": "2025-11-17T17:40:13.993", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-532"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.10240.21161", "matchCriteriaId": "030F3214-D6AF-40A9-9FC9-523AC9870581"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.21161", "matchCriteriaId": "4932CB20-D134-4EDF-8F21-F9D0AF80BFEA"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.14393.8519", "matchCriteriaId": "D8145D41-BFB2-47A6-B5E5-1A038A27C1C1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.8519", "matchCriteriaId": "3EE0CDB1-CBF3-45F2-8F0B-96A9D0757B42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.17763.7919", "matchCriteriaId": "E216CD5B-8885-4E17-8718-97E88A724A44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.7919", "matchCriteriaId": "36E44227-0320-43B1-A0D9-EB28B25CDB4D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.19044.6456", "matchCriteriaId": "1485A427-10FF-4C39-9911-4C6F1820BE7F"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.19045.6456", "matchCriteriaId": "26CAACAA-3FE8-4740-8CF2-6BF3D069C47F"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.22621.6060", "matchCriteriaId": "6F387FA2-66C8-4B70-A537-65806271F16A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.22631.6060", "matchCriteriaId": "A3FEBF91-5010-4C84-B93A-6EFA4838185A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.6899", "matchCriteriaId": "41E9F7AC-8E6D-43A0-A157-48A5E0B5BD0D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26200.6899", "matchCriteriaId": "3B77A066-4F79-4B1F-AECF-58DB4C651EA5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.8519", "matchCriteriaId": "7A8CC16F-8B44-4E7D-8503-25D753387345"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.7919", "matchCriteriaId": "20810926-AEC9-4C09-9C52-B4B8FADECF3A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.4294", "matchCriteriaId": "B1C1EA69-6BB8-4E59-8659-43581FDB48B7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1913", "matchCriteriaId": "370C12D6-90EF-44BE-8070-AA0080C12600"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.6899", "matchCriteriaId": "72C1771B-635B-41E3-84AF-8822467A1869"}]}]}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62208", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}