CVE-2025-53807
HIGHMicrosoft Graphics Component - Privilege Escalation
Title source: llmDescription
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
Scores
CVSS v3
7.0
EPSS
0.0005
EPSS Percentile
13.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-362
CWE-416
Status
published
Affected Products (11)
microsoft/windows_10_1809
< 10.0.17763.7792
microsoft/windows_10_1809
< 10.0.17763.7792
microsoft/windows_10_21h2
< 10.0.19044.6332
microsoft/windows_10_22h2
< 10.0.19045.6332
microsoft/windows_11_22h2
< 10.0.22621.5909
microsoft/windows_11_23h2
< 10.0.22631.5909
microsoft/windows_11_24h2
< 10.0.26100.6508
microsoft/windows_server_2019
< 10.0.17763.7792
microsoft/windows_server_2022
< 10.0.20348.4106
microsoft/windows_server_2022_23h2
< 10.0.25398.1849
microsoft/windows_server_2025
< 10.0.26100.6508
Timeline
Published
Sep 09, 2025
Tracked Since
Feb 18, 2026