CVE-2025-24052
ltmdm64.sys — stack buffer overflow in Agere Modem driver allows elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | ltmdm64.sys (Agere Modem) |
| Vulnerability Class | Buffer Overflow (Stack) |
| CVSS | 7.8 |
| Exploited ITW | No (publicly disclosed) |
| Patch Date | October 14, 2025 |
Root Cause
A stack buffer overflow in the Agere Modem driver (ltmdm64.sys) occurs when processing crafted input. The driver never checks input sizes before copying data to a fixed-size stack buffer. This is a legacy inbox driver bundled with Windows.
Exploitation
The attacker sends crafted input to the modem driver. The stack overflow overwrites return addresses for kernel code execution.
Exploitation Primitive
Crafted modem driver input → stack buffer overflow
→ return address overwrite → kernel code execution