Microsoft Windows Mobile
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Mobile.
Recent Microsoft Windows Mobile Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2025-29811 | CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | April 8, 2025 |
| CVE-2024-49110 | CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49083 | CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49077 | CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49078 | CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49092 | CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49087 | CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability | December 10, 2024 |
| CVE-2024-49073 | CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-43561 | CVE-2024-43561 Windows Mobile Broadband Driver Denial of Service Vulnerability | October 8, 2024 |
| CVE-2024-43559 | CVE-2024-43559 Windows Mobile Broadband Driver Denial of Service Vulnerability | October 8, 2024 |
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Windows Mobile. Windows Mobile did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Windows Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Mobile Security Vulnerabilities
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition
CVE-2009-0244
8.8 - High
- January 21, 2009
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Directory traversal
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors
CVE-2008-4609
- October 20, 2008
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Configuration
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450
CVE-2006-6908
- December 31, 2006
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Embedded Compact or by Microsoft? Click the Watch button to subscribe.
