privilege escalation

Microsoft’s security trackers and multiple independent feeds recorded CVE-2025-64661 as a Windows Shell elevation-of-privilege (EoP) vulnerability rooted in a race condition (concurrent execution using a shared resource with improper synchronization). The vulnerability is scored as High (CVSS...

Microsoft’s advisory for CVE-2025-62565 confirms a use‑after‑free bug in the Windows Shell (File Explorer) that can be triggered by an authorized local user to escalate privileges to SYSTEM; the vendor has recorded the issue in its Security Update Guide and independent trackers currently rate it...

Microsoft has recorded a local elevation-of-privilege bug in the Brokering File System (BFS) under the identifier CVE-2025-62569, a use‑after‑free (UAF) condition that Microsoft and multiple vulnerability trackers classify as a high‑severity, local-only threat requiring a low‑privilege starting...

Microsoft's December security update contains another reminder that old, system-level services can still be an attractive target for attackers: CVE-2025-62474 is an elevation of privilege vulnerability affecting the Windows Remote Access Connection Manager (RasMan) component, and system...

Microsoft has published a new high‑severity local Elevation‑of‑Privilege advisory: CVE‑2025‑62464, a buffer over‑read in the Windows Projected File System (ProjFS) that can allow an authorized local attacker to escalate to higher privileges on affected hosts. Public trackers assign a CVSS v3.1...

Microsoft’s December 9 Patch Tuesday closed out the year with another kernel-area elevation‑of‑privilege that targets the Windows Projected File System (ProjFS): CVE‑2025‑55233 is an out‑of‑bounds read in ProjFS that Microsoft has recorded in its Security Update Guide and which third‑party...

A Microsoft-tracked report identified as CVE-2025-62461 has been linked in some discussion threads to a Windows “Projected File System” (ProjFS) elevation-of-privilege issue, but exhaustive checks of vendor feeds and public vulnerability trackers show no authoritative technical advisory or KB...

Microsoft has published an advisory for CVE-2025-62455, a newly recorded elevation-of-privilege vulnerability in Microsoft Message Queuing (MSMQ) that affects installations where the MSMQ component is present and accessible; the vendor entry confirms the vulnerability identifier but offers only...

Microsoft has assigned CVE‑2025‑59517 to a newly disclosed elevation‑of‑privilege flaw in the Windows Storage VSP driver — the kernel‑mode component Hyper‑V uses to provide storage services to guest partitions. The bug is described as improper access control that allows an authorized local...

Microsoft has recorded a new kernel‑level vulnerability, CVE‑2025‑59516, in the Windows Storage Virtualization Service Provider (VSP) driver that can allow a local, authorized attacker to escalate privileges on affected hosts by invoking a missing authentication path in the driver—Microsoft’s...

Microsoft’s security advisory for CVE-2025-62573 identifies a use‑after‑free bug in the DirectX Graphics Kernel that can be abused by an authenticated local user to escalate privileges to SYSTEM, and administrators should treat the issue as a high‑impact kernel elevation‑of‑privilege (EoP) risk...

Microsoft’s security tracker has recorded CVE‑2025‑64658, a newly assigned elevation‑of‑privilege vulnerability tied to Windows File Explorer / the Windows Shell; the public details describe a race condition (CWE‑362) in the Shell that can allow an authorized local user to escalate privileges...

Microsoft’s public vulnerability record for CVE-2025-62470 confirms a new high‑impact elevation‑of‑privilege flaw in the Windows Common Log File System (CLFS) driver that, according to vendor metadata and multiple independent trackers, is a heap‑based buffer‑overflow allowing a local, authorized...

A newly cataloged Windows kernel vulnerability, tracked as CVE-2025-62458, is a heap-based buffer overflow in the Win32k graphics subsystem (GRFX) that allows an authenticated local user to escalate privileges to higher system levels; Microsoft’s Security Update Guide lists the entry for the CVE...

An out‑of‑bounds read in the Windows Cloud Files Mini Filter Driver (cldflt.sys) can be abused to escalate privileges locally, and administrators should treat the resulting CVE — reported under CVE-2025-62457 by Microsoft — as a high‑priority patching item for any systems that expose or use...

Microsoft has recorded CVE-2025-62466, a Windows Client‑Side Caching (CSC, aka Offline Files) elevation‑of‑privilege vulnerability that the vendor lists in its Security Update Guide and which public CVE aggregators are currently scoring as High (CVSS v3.1 = 7.8); the entry describes a null...

OpenPrinting’s CUPS received a security update on November 27–29, 2025 after a stack-based out‑of‑bounds write (CWE‑124 / CWE‑129) was found in the cupsd configuration parser that lets a local lpadmin user inject a malicious IPv6 fragment into cupsd.conf through the web UI — an input‑validation...

Microsoft’s advisory tracker lists CVE-2025-62207 as an Elevation of Privilege vulnerability affecting Azure Monitor components, but public technical details are currently limited and the vendor entry does not disclose an exploit proof‑of‑concept; defenders should treat this as an urgent signal...

Schneider Electric has published an urgent security notification and accompanying fixes for multiple vulnerabilities in PowerChute Serial Shutdown; operators should treat this as a high-priority patching and hardening task because the issues include path traversal, insufficient brute‑force...

Microsoft has confirmed a dangerous Remote Desktop vulnerability — tracked as CVE-2025-60703 — that can be exploited by a local, low‑privilege user to escalate to SYSTEM‑level privileges on affected Windows hosts, and Microsoft has already distributed mitigations in the November 2025 security...