Zero Day MonitorZDM

← Back to list

7.8

CVE-2025-62221KEVEXPLOITEDPATCHED

microsoft · windows_10_1809

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Description

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Affected Products

Vendor	Product	Versions
microsoft	windows_10_1809	10.0.17763.0, 10.0.19044.0, 10.0.19045.0, 10.0.22631.0, 10.0.22631.0, 10.0.26100.0, 10.0.26200.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.25398.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	windows_11_25h2	cve_cpe	95%
microsoft	windows_server_2019	cve_cpe	95%
microsoft	windows_10_22h2	cve_cpe	95%
microsoft	windows_11_23h2	cve_cpe	95%
microsoft	windows_11_24h2	cve_cpe	95%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62221(vendor-advisory, patch)

Related News (1 articles)

Tier B

JPCERT/CC

Security Alert: Microsoft Releases December 2025 Security Updates

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CISA KEV✅ Yes

Actively exploited✅ Yes

Patch available

10.0.17763.814610.0.19044.669110.0.19045.669110.0.22631.634510.0.26100.739210.0.26200.739210.0.20348.446710.0.25398.2025

CWECWE-416

PublishedDec 9, 2025

Last enriched42d ago

Trending Score0

Source articles1

Independent1

Info Completeness11/14

Missing: epss, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

CRITICALCVE-2026-41089EXP

Windows Netlogon Remote Code Execution Vulnerability

CRITICALCVE-2026-41103EXP

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

CRITICALCVE-2026-41096EXP

Windows DNS Client Remote Code Execution Vulnerability

CRITICALCVE-2026-42898EXP

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Dec 9, 2025

Added to CISA KEV

Dec 9, 2025

Discovered by ZDM

Apr 1, 2026

Actively Exploited

Apr 16, 2026

Exploit Available

Apr 16, 2026

Patch Available

Apr 16, 2026