privilege escalation

A high‑confidence elevation‑of‑privilege vulnerability has been recorded under the identifier CVE‑2025‑59512 and tied to Microsoft’s Customer Experience Improvement Program (CEIP) component; initial vendor mapping and multiple industry trackers label the issue as high severity and advise...

Microsoft’s advisory ecosystem has flagged an elevation‑of‑privilege issue affecting Azure compute management components that can let an authenticated local user escalate to system/root on an affected host and, crucially, potentially abuse machine‑assigned identities and extension management...

A newly reported elevation‑of‑privilege issue tied to Azure’s notification infrastructure — tracked as CVE‑2025‑59500 in some community notes — has raised urgent operational questions for administrators and security teams, but the public evidence for this exact CVE number is limited and the...

Microsoft’s CVE label CVE-2025-59273 — described in some community postings as an Azure Event Grid system elevation-of-privilege issue — cannot be located in vendor advisories or major public vulnerability indexes at the time of this writing, and the available technical record points to an...

Rockwell Automation has published an urgent security advisory disclosing two high‑severity local privilege‑escalation flaws in FactoryTalk Linx that allow an authenticated Windows user to elevate to SYSTEM by abusing MSI “repair” behavior — vulnerabilities tracked as CVE‑2025‑9067 and...

Microsoft has confirmed a high‑severity elevation‑of‑privilege vulnerability in the Windows Resilient File System (ReFS) Deduplication Service—tracked as CVE‑2025‑59210—and administrators running ReFS on client or server systems should treat this as a priority patching and hardening exercise for...

Microsoft has added CVE-2025-59192 to its October security rollup: a buffer over‑read in the Storport.sys Windows storage driver that Microsoft says can be abused by a locally authorized attacker to gain elevated privileges, and administrators should treat the published update as an urgent...

Microsoft has assigned CVE-2025-59275 to a high-severity elevation-of-privilege (EoP) issue in Windows Authentication Methods that, according to public vendor mirrors, stems from improper validation of a specific input type and can allow an authorized (local) actor to escalate privileges on...

Microsoft has published an update addressing CVE-2025-59278, a Windows authentication elevation-of-privilege flaw that allows a locally authorized attacker to gain higher system privileges through improper input validation in Windows authentication methods—security teams should treat this as a...

Microsoft has published an advisory for CVE-2025-59261, a time-of-check, time-of-use (TOCTOU) race-condition in the Windows Graphics Component that can allow an authenticated local user to escalate privileges to a higher local authority on affected systems. Background / Overview The Windows...

Microsoft has recorded CVE-2025-59241 as an elevation‑of‑privilege bug in the newly introduced Windows Health and Optimized Experiences service (whesvc), and the initial vendor and aggregator records assign it a High severity (CVSS 3.1 = 7.8) with the underlying weakness classed as CWE‑59...

Microsoft’s October security roll-up closed a dangerous local privilege‑escalation hole in the Remote Access Connection Manager (RasMan) — tracked as CVE‑2025‑59230 — after Microsoft and its threat teams observed in‑the‑wild exploitation; the flaw is an improper access control condition that...

Microsoft confirmed a Windows kernel elevation‑of‑privilege vulnerability tracked as CVE‑2025‑59194, describing it as a use of uninitialized resource in kernel code that an authorized local attacker can exploit to gain elevated privileges; Microsoft published the advisory and security update...

Microsoft has confirmed and patched CVE-2025-58734 — an Inbox COM Objects (Global Memory) vulnerability that can be leveraged for local remote code execution and elevation of privilege in specific hosting contexts, and administrators must treat it as a high-priority fix for exposed and...

A heap-based buffer overflow in the Windows Connected Devices Platform Service (Cdpsvc) — tracked as CVE-2025-59191 — was published on October 14, 2025 and classified by vendors as an elevation-of-privilege (EoP) vulnerability that allows an authorized local attacker with low privileges to gain...

Microsoft has published an advisory for CVE-2025-59189, a high‑severity local elevation‑of‑privilege (EoP) bug in the Microsoft Brokering File System (BFS) that Microsoft and multiple independent trackers classify as a use‑after‑free memory corruption enabling a local attacker to escalate to...

Microsoft’s October security rollup includes a newly cataloged Windows Kernel elevation‑of‑privilege tracked as CVE‑2025‑59187, a confirmed local flaw that Microsoft classifies as improper input validation and that carries a CVSS v3.1 base score of 7.8 (High) — administrators should treat this...

Microsoft has assigned CVE-2025-58736 to a class of vulnerabilities in Inbox COM Objects (Global Memory) that were patched in the October 2025 security updates; the issue is part of a broader family of COM/COM+ defects (race conditions, use‑after‑free and related memory‑safety faults) that can...

Microsoft assigned CVE-2025-58726 to an improper access control flaw in the Windows SMB Server that can allow an authorized attacker to elevate privileges over a network, and the entry is indexed with a CVSS v3.1 base score of 7.5 (High)—an advisory administrators must treat as a priority for...

Microsoft’s security channels added CVE-2025-58714 to the record this week: an elevation‑of‑privilege weakness in the Windows Ancillary Function Driver for WinSock (the afd.sys stack) that — if left unpatched on an affected host — lets a locally authorized attacker raise their process context to...