CVE-2025-62217

HIGH

Microsoft Windows 10 1607 < 10.0.14393.8594 - Race Condition

Title source: rule
STIX 2.1

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

References (1)

Scores

CVSS v3 7.0
EPSS 0.0003
EPSS Percentile 9.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-362
Status published
Products (16)
microsoft/windows_10_1607 < 10.0.14393.8594 (2 CPE variants)
microsoft/windows_10_1809 < 10.0.17763.8027 (2 CPE variants)
microsoft/windows_10_21h2 < 10.0.19044.6575
microsoft/windows_10_22h2 < 10.0.19045.6575
microsoft/windows_11_23h2 < 10.0.22631.6199
microsoft/windows_11_24h2 < 10.0.26100.7092
microsoft/windows_11_25h2 < 10.0.26200.7092
microsoft/windows_server_2008 (2 CPE variants)
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
... and 6 more
Published Nov 11, 2025
Tracked Since Feb 18, 2026