CVE-2025-32701
HIGH KEVWindows Common Log File System Driver - Authenticated Use-After-Free
Title source: llmExploitation Summary
CVE-2025-32701 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 13, 2025.
Description
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32701
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32701
Scores
CVSS v3
7.8
EPSS
0.0186
EPSS Percentile
83.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2025-05-13
VulnCheck KEV
2025-05-13
ENISA EUVD
EUVD-2025-14443
CWE
CWE-416
Status
published
Products (17)
microsoft/windows_10_1507
< 10.0.10240.21014
microsoft/windows_10_1607
< 10.0.14393.8066
microsoft/windows_10_1809
< 10.0.17763.7314 (2 CPE variants)
microsoft/windows_10_21h2
< 10.0.19044.5854
microsoft/windows_10_22h2
< 10.0.19045.5854
microsoft/windows_11_22h2
< 10.0.22621.5335
microsoft/windows_11_23h2
< 10.0.22631.5335
microsoft/windows_11_24h2
< 10.0.26100.3981
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
... and 7 more
Published
May 13, 2025
KEV Added
May 13, 2025
Tracked Since
Feb 18, 2026