CVE-2025-53769: Windows Security App Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.5)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2025-Aug

Released

2025-08-12

EPSS Score

0.13% (percentile: 33.0%)

Description

External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.

Affected Products (1)

Windows

• Windows Security App

Acknowledgments

<a href="https://twitter.com/bohops">Jimmy Bayne of IBM X-Force</a>

Revision History

• 2025-08-12: Information published.