从这个网页截图中可以获取到以下关于漏洞的关键信息: - **漏洞名称**: Windows Telephony Service Remote Code Execution Vulnerability - **CVE编号**: CVE-2025-27477 - **发布日期**: Apr 8, 2025 - **影响**: Remote Code Execution - **最大严重性**: Important - **弱点类型**: CWE-122: Heap-based Buffer Overflow - **CVSS评分**: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C - **CVSS分数**: 8.8 / 7.7 ### 基本评分指标 (Base Score Metrics) - **攻击向量 (Attack Vector)**: Network - **攻击复杂度 (Attack Complexity)**: Low - **所需权限 (Privileges Required)**: None - **用户交互 (User Interaction)**: Required - **作用范围 (Scope)**: Unchanged - **机密性影响 (Confidentiality Impact)**: High - **完整性影响 (Integrity Impact)**: High - **可用性影响 (Availability Impact)**: High ### 时间评分指标 (Temporal Score Metrics) - **利用代码成熟度 (Exploit Code Maturity)**: Unproven - **修复级别 (Remediation Level)**: Official Fix