CVE-2025-49723: 
vulnerability analysis and mitigation

CVE-2025-49723 is a security vulnerability discovered in the Windows StateRepository API, disclosed on July 8, 2025. The vulnerability stems from missing authorization controls that could allow an authorized attacker to perform local tampering. This vulnerability affects multiple versions of Windows operating systems, including Windows Server 2025, Windows 11 (versions 22H2, 23H2, 24H2), Windows 10 (versions 1809, 21H2, 22H2), and Windows Server editions (2019, 2022) (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. The vulnerability is classified under CWE-862 (Missing Authorization). The attack requires local access with low attack complexity and privileged access, but no user interaction (NVD).

The vulnerability allows an authorized attacker with local access to perform tampering operations, potentially affecting the confidentiality, integrity, and availability of the system as indicated by the high impact scores across all three security metrics in the CVSS rating (NVD).

Microsoft has released security updates to address this vulnerability as part of the July 2025 security updates. The fixes are available for all affected versions of Windows through Windows Update (Microsoft Updates).