CVE-2025-55226

MEDIUM

Graphics Kernel - Local Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-55226. PoCs published by Network-Sec.

AI-analyzed exploit summary This repository provides a PowerShell script to check for the presence of a vulnerable version of win32k.sys related to CVE-2025-55226. It corrects an original patch check script by directly examining the file version in System32 and comparing it to a known patched version.

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally.

Exploits (1)

nomisec SCANNER

by Network-Sec · poc

https://github.com/Network-Sec/CVE-2025-55226-Corrected-Patch-Check

View Code ZIP pw:eip

This repository provides a PowerShell script to check for the presence of a vulnerable version of win32k.sys related to CVE-2025-55226. It corrects an original patch check script by directly examining the file version in System32 and comparing it to a known patched version.

Classification

Scanner 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows win32k.sys

No auth needed

Prerequisites: Access to the target system's file system

MITRE ATT&CK

T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55226

Scores

CVSS v3 6.7

EPSS 0.0045

EPSS Percentile 35.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-362

Status published

Products (17)

microsoft/windows_10_1507 < 10.0.10240.21128 (2 CPE variants)

microsoft/windows_10_1607 < 10.0.14393.8422 (2 CPE variants)

microsoft/windows_10_1809 < 10.0.17763.7792 (2 CPE variants)

microsoft/windows_10_21h2 < 10.0.19044.6332

microsoft/windows_10_22h2 < 10.0.19045.6332

microsoft/windows_11_22h2 < 10.0.22621.5909

microsoft/windows_11_23h2 < 10.0.22631.5909

microsoft/windows_11_24h2 < 10.0.26100.6508

microsoft/windows_server_2008 (2 CPE variants)

microsoft/windows_server_2008 r2 sp1

... and 7 more

Published Sep 09, 2025

Tracked Since Feb 18, 2026