You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-54093
About this tag
CVE-2025-54093 is a time-of-check/time-of-use (TOCTOU) race condition in the Windows TCP/IP driver that Microsoft has identified as a local privilege escalation vulnerability. An authorized local user who can run code on the affected system may exploit this race condition to elevate their privileges. The flaw resides in the TCP/IP driver's handling of certain operations, where a race window allows an attacker to modify system state after a security check but before the operation is performed. Microsoft has released an advisory detailing the issue, and users are advised to apply the latest security updates to mitigate the risk. This tag covers discussions and analysis of the vulnerability, its impact, and remediation steps.
Title: CVE‑2025‑54093 — Windows TCP/IP Driver TOCTOU Race Condition (Local Elevation of Privilege)
Summary
What it is: A time‑of‑check/time‑of‑use (TOCTOU) race condition in the Windows TCP/IP driver that Microsoft lists as CVE‑2025‑54093. Microsoft’s advisory describes the flaw as a TOCTOU...