Microsoft Windows Mobile
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Mobile.
Recent Microsoft Windows Mobile Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2025-29811 | CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | April 8, 2025 |
| CVE-2024-49110 | CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49083 | CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49077 | CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49078 | CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49092 | CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-49087 | CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability | December 10, 2024 |
| CVE-2024-49073 | CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | December 10, 2024 |
| CVE-2024-43561 | CVE-2024-43561 Windows Mobile Broadband Driver Denial of Service Vulnerability | October 8, 2024 |
| CVE-2024-43559 | CVE-2024-43559 Windows Mobile Broadband Driver Denial of Service Vulnerability | October 8, 2024 |
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Windows Mobile. Last year, in 2024 Windows Mobile had 2 security vulnerabilities published. Right now, Windows Mobile is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 2 | 5.90 |
It may take a day or so for new Windows Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Mobile Security Vulnerabilities
Microsoft Windows Mobile Broadband Driver EoP Vulnerability
CVE-2024-49092
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Mobile Hotspot Info Disclosure
CVE-2024-26220
5 - Medium
- April 09, 2024
Windows Mobile Hotspot Information Disclosure Vulnerability
Use of Uninitialized Resource
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition
CVE-2009-0244
8.8 - High
- January 21, 2009
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Directory traversal
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors
CVE-2008-4609
- October 20, 2008
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Configuration
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450
CVE-2006-6908
- December 31, 2006
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Mobile or by Microsoft? Click the Watch button to subscribe.
