Share
## https://sploitus.com/exploit?id=8990076F-EB5F-5093-B4FF-2378BE8D9205
# CVE-2025-50165 Windows Graphics Component RCE (x64)
> Critical Remote Code Execution via malicious JPEG โ Windows 11 24H2 (unpatched)
> CVSS 9.8 โ No privileges, no interaction required
```
CVE-2025-50165 - windowscodecs.dll untrusted pointer dereference
Discovered by Zscaler ThreatLabz
Patched: November 2025 (KB5040442)
```
## Features
- Full x64 null-free shellcode (calc.exe spawner โ 169 bytes)
- Heap spray + ROP chain inside APP1/EXIF segments
- Polymorphic NOP sled + randomized lengths for AV/EDR evasion
- Single Python file โ no dependencies beyond Pillow
## Files
```
poc/ โ Final weaponized JPEGs
scripts/generate_poc.py โ Main generator (Encrypter15)
shellcode/calc_x64.bin โ Raw shellcode for analysis
README.md โ This file
```
## Quick Start
```bash
pip install Pillow
python scripts/generate_poc.py
```
โ Generates `poc/CVE-2025-50165_x64_encrypter15.jpg`
Open the JPEG with Photos, Office, Edge preview, etc. โ `calc.exe` spawns instantly on vulnerable systems.
## Legal
For authorized security testing and research only. Do not use against systems without explicit permission.
## Author
**Encrypter15** โ encrypter15@gmail.com
Stay frosty.