MSRC compact vulnerability detail

CVE-2025-49724 · Windows Connected Devices Platform Service Remote Code Execution Vulnerability

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

Severity
Important
Impact
Remote Code Execution
CVSS
8.8 base · 7.7 temporal
Release
2025-07-08
Signals
Windows Connected Devices Platform Service · Remote Code Execution · Exploited: No · Publicly disclosed: No · Exploitability: Exploitation More Likely
CWE
Description
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
FAQ
How could an attacker exploit this vulnerability?
To exploit this vulnerability, a remote unauthenticated attacker would need to send specially crafted traffic to a system with the "Nearby Sharing" feature enabled and to convince a user to take specific actions.
Mitigation
The following mitigating factors might be helpful in your situation:
There is a feature in Windows 10 and 11 called Nearby Sharing. This feature is not enabled by default. To protect against this vulnerability, disable the Nearby Sharing feature if it is not already disabled. See "Share things with nearby devices in Windows" for more information.