CVE-2025-24052: 
vulnerability analysis and mitigation

Microsoft identified a vulnerability (CVE-2025-24052) in the third-party Agere Modem driver that ships natively with supported Windows operating systems. The vulnerability was disclosed prior to a patch being available and affects the ltmdm64.sys driver, which has historically been included with Windows systems. The issue was discovered and reported in October 2025, affecting multiple versions of Windows operating systems (NVD).

The vulnerability has been assigned a CVSSv3 score of 7.8 and is rated as important. It is classified as an Elevation of Privilege (EoP) vulnerability and is associated with CWE-121 (Stack-based Buffer Overflow). The vulnerability exists in the ltmdm64.sys driver component (NVD, Tenable).

Successful exploitation of this vulnerability would allow an attacker to gain administrator privileges on an affected system. The impact extends to all Windows systems with the vulnerable driver, regardless of whether the modem is in active use (Help Net Security).

Microsoft has addressed this vulnerability by completely removing the ltmdm64.sys driver in the October cumulative update. However, this means that fax modem hardware dependent on this specific driver will no longer work on Windows systems after applying the update. Microsoft recommends removing any existing dependencies on this hardware (NVD).