CVE-2025-24052
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-14

Last updated on: 2025-10-20

Assigner: Microsoft Corporation

Description
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-14
Last Modified
2025-10-20
Generated
2026-05-07
AI Q&A
2025-10-14
EPSS Evaluated
2026-05-05
NVD
CVE-2025-24052
Affected Vendors & Products
Showing 18 associated CPEs
Vendor Product Version / Range
microsoft windows_10_1507 to 10.0.10240.21161 (exc)
microsoft windows_10_1607 to 10.0.14393.8519 (exc)
microsoft windows_10_1809 to 10.0.17763.7919 (exc)
microsoft windows_10_21h2 to 10.0.19044.6456 (exc)
microsoft windows_10_22h2 to 10.0.19045.6456 (exc)
microsoft windows_11_22h2 to 10.0.22621.6060 (exc)
microsoft windows_11_23h2 to 10.0.22631.6060 (inc)
microsoft windows_11_24h2 to 10.0.26100.6899 (exc)
microsoft windows_11_25h2 to 10.0.26200.6899 (exc)
microsoft windows_server_2008 *
microsoft windows_server_2008 r2
microsoft windows_server_2012 *
microsoft windows_server_2012 r2
microsoft windows_server_2016 to 10.0.14393.8519 (inc)
microsoft windows_server_2019 to 10.0.17763.7919 (exc)
microsoft windows_server_2022 to 10.0.20348.4294 (exc)
microsoft windows_server_2022_23h2 to 10.0.25398.1913 (exc)
microsoft windows_server_2025 to 10.0.26100.6899 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Agere Modem driver (ltmdm64.sys) that ships with supported Windows operating systems. Microsoft has identified security issues with this third-party driver and has removed it in the October cumulative update. The driver is being deprecated due to these vulnerabilities.


How can this vulnerability impact me? :

The impact of this vulnerability is that fax modem hardware dependent on the ltmdm64.sys driver will no longer function on Windows after the driver removal. Additionally, the vulnerability has a high severity score indicating it could lead to significant confidentiality, integrity, and availability impacts if exploited.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should remove any existing dependencies on the Agere Modem driver (ltmdm64.sys) and ensure that the October cumulative update, which removes this driver, is installed on your Windows systems. Note that fax modem hardware dependent on this driver will no longer function after removal.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart