CVE-2025-26635

Medium

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

secure@microsoft.com·CWE-1390·Published 2025-04-08

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

111 chars

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

NVDen

111 chars

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

NVDes

117 chars

La autenticación débil en Windows Hello permite que un atacante autorizado eluda una función de seguridad en una red.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
3.1	Secondary	NVD	6.5	1.2	5.2