Race Condition Vulnerability in HYPR Passwordless on Windows
CVE-2025-0372

5.9MEDIUM

Key Information:

Vendor: Hypr
Status: Passwordless
Vendor: CVE Published:; 21 May 2025

What is CVE-2025-0372?

A race condition vulnerability exists in HYPR Passwordless software on Windows, which allows an attacker to exploit improper synchronization of shared resources. This flaw could lead to privilege escalation, enabling unauthorized actions by malicious actors. Users of versions prior to 10.1 are advised to take immediate action to secure their systems against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Passwordless Windows 0 < 10.1

References

https://www.hypr.com/trust-center/security-advisories

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
May 21, 2025
Vulnerability Reserved
Jan 10, 2025

JSON

Hypr