privilege escalation

Microsoft’s security telemetry and multiple vulnerability trackers recorded CVE‑2025‑59515 as a use‑after‑free (UAF) defect in the Windows Broadcast DVR User Service that permits a local, authorized attacker to escalate privileges on affected Windows hosts — Microsoft has published updates to...

Microsoft’s public advisories list CVE-2025-60713 as a genuine, high‑priority vulnerability in the Windows Routing and Remote Access Service (RRAS) that can allow a local, low‑privileged user to elevate to higher privileges through an untrusted pointer dereference in RRAS — administrators must...

Microsoft has published an advisory for CVE-2025-47179, a Configuration Manager elevation‑of‑privilege issue that affects on‑premises Microsoft Configuration Manager installations and requires immediate attention from administrators responsible for management‑plane infrastructure. Overview...

Microsoft has assigned CVE-2025-62219 to a newly disclosed local elevation‑of‑privilege defect in the Windows Wireless Provisioning System — a double‑free memory corruption that, if successfully exploited by a low‑privileged local actor, can permit privilege escalation to higher system...

Microsoft has published an advisory for CVE‑2025‑62218, an elevation‑of‑privilege vulnerability in the Microsoft Wireless Provisioning System that can be triggered locally by an authenticated user and, when successfully exploited, allow a low‑privilege account to gain elevated system privileges...

Microsoft’s security channels added CVE-2025-62217 to the public record on November 11, 2025: the flaw is a race condition in the Windows Ancillary Function Driver for WinSock (afd.sys) that can be abused by an authenticated local actor to elevate privileges on affected Windows hosts. Background...

Microsoft has published an advisory for CVE‑2025‑60710, an elevation‑of‑privilege vulnerability in the Host Process for Windows Tasks (commonly exposed as taskhostw / taskhostex), and security teams must treat this as a high‑priority local escalation risk until their estates are confirmed...

Microsoft has published an advisory today for CVE-2025-60707, a use‑after‑free vulnerability in the Multimedia Class Scheduler Service (MMCSS) that can be abused by an authorized local attacker to gain elevated privileges on a Windows host; Microsoft has released security updates addressing the...

A high‑confidence elevation‑of‑privilege vulnerability has been recorded under the identifier CVE‑2025‑59512 and tied to Microsoft’s Customer Experience Improvement Program (CEIP) component; initial vendor mapping and multiple industry trackers label the issue as high severity and advise...

Microsoft’s advisory ecosystem has flagged an elevation‑of‑privilege issue affecting Azure compute management components that can let an authenticated local user escalate to system/root on an affected host and, crucially, potentially abuse machine‑assigned identities and extension management...

A newly reported elevation‑of‑privilege issue tied to Azure’s notification infrastructure — tracked as CVE‑2025‑59500 in some community notes — has raised urgent operational questions for administrators and security teams, but the public evidence for this exact CVE number is limited and the...

Microsoft’s CVE label CVE-2025-59273 — described in some community postings as an Azure Event Grid system elevation-of-privilege issue — cannot be located in vendor advisories or major public vulnerability indexes at the time of this writing, and the available technical record points to an...

Rockwell Automation has published an urgent security advisory disclosing two high‑severity local privilege‑escalation flaws in FactoryTalk Linx that allow an authenticated Windows user to elevate to SYSTEM by abusing MSI “repair” behavior — vulnerabilities tracked as CVE‑2025‑9067 and...

Microsoft has confirmed a high‑severity elevation‑of‑privilege vulnerability in the Windows Resilient File System (ReFS) Deduplication Service—tracked as CVE‑2025‑59210—and administrators running ReFS on client or server systems should treat this as a priority patching and hardening exercise for...

Microsoft has added CVE-2025-59192 to its October security rollup: a buffer over‑read in the Storport.sys Windows storage driver that Microsoft says can be abused by a locally authorized attacker to gain elevated privileges, and administrators should treat the published update as an urgent...

Microsoft has assigned CVE-2025-59275 to a high-severity elevation-of-privilege (EoP) issue in Windows Authentication Methods that, according to public vendor mirrors, stems from improper validation of a specific input type and can allow an authorized (local) actor to escalate privileges on...

Microsoft has published an update addressing CVE-2025-59278, a Windows authentication elevation-of-privilege flaw that allows a locally authorized attacker to gain higher system privileges through improper input validation in Windows authentication methods—security teams should treat this as a...

Microsoft has published an advisory for CVE-2025-59261, a time-of-check, time-of-use (TOCTOU) race-condition in the Windows Graphics Component that can allow an authenticated local user to escalate privileges to a higher local authority on affected systems. Background / Overview The Windows...

Microsoft has recorded CVE-2025-59241 as an elevation‑of‑privilege bug in the newly introduced Windows Health and Optimized Experiences service (whesvc), and the initial vendor and aggregator records assign it a High severity (CVSS 3.1 = 7.8) with the underlying weakness classed as CWE‑59...

Microsoft’s October security roll-up closed a dangerous local privilege‑escalation hole in the Remote Access Connection Manager (RasMan) — tracked as CVE‑2025‑59230 — after Microsoft and its threat teams observed in‑the‑wild exploitation; the flaw is an improper access control condition that...