CVE-2025-24072: 
vulnerability analysis and mitigation

A use-after-free vulnerability has been identified in Microsoft Local Security Authority Server (lsasrv), tracked as CVE-2025-24072. This vulnerability was disclosed on March 11, 2025, affecting various versions of Windows operating systems. The vulnerability allows an authorized attacker with local access to elevate their privileges on the affected system (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High), with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The attack vector is Local (AV:L), requiring low attack complexity (AC:L) and low privileges (PR:L), with no user interaction (UI:N). The scope is unchanged (S:U), with high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability is classified as CWE-416 (Use After Free) (AttackerKB).

The vulnerability poses a significant security risk as it allows an authorized attacker to elevate their privileges locally on the affected system. This could potentially lead to complete system compromise, as the attacker could gain high-level access to system resources, affecting the confidentiality, integrity, and availability of the system (NVD).

Microsoft has released security updates to address this vulnerability across multiple affected Windows versions, including Windows 10, Windows 11, Windows Server 2019, Windows Server 2022, and other supported versions. System administrators are advised to apply the relevant security updates to mitigate this vulnerability (AttackerKB).