CVE-2025-59205

HIGH

Microsoft Windows 10 1507 < 10.0.10240.21161 - Race Condition

Title source: rule

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

References (1)

Scores

CVSS v3 7.0
EPSS 0.0003
EPSS Percentile 7.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-362
Status published

Affected Products (22)

microsoft/windows_10_1507 < 10.0.10240.21161
microsoft/windows_10_1507 < 10.0.10240.21161
microsoft/windows_10_1607 < 10.0.14393.8519
microsoft/windows_10_1607 < 10.0.14393.8519
microsoft/windows_10_1809 < 10.0.17763.7919
microsoft/windows_10_1809 < 10.0.17763.7919
microsoft/windows_10_21h2 < 10.0.19044.6456
microsoft/windows_10_22h2 < 10.0.19045.6456
microsoft/windows_11_22h2 < 10.0.22621.6060
microsoft/windows_11_23h2 < 10.0.22631.6060
microsoft/windows_11_24h2 < 10.0.26100.6899
microsoft/windows_11_25h2 < 10.0.26200.6899
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
... and 7 more

Timeline

Published Oct 14, 2025
Tracked Since Feb 18, 2026