Elevation of Privilege Vulnerability in Windows Ancillary Function Driver for WinSock
CVE-2025-32709
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 13 May 2025
Badges
What is CVE-2025-32709?
A vulnerability exists in the Windows Ancillary Function Driver for WinSock allowing an authorized attacker to exploit a use after free condition. This could enable the attacker to gain elevated privileges on the local system, potentially allowing them to execute arbitrary code with elevated rights. Given its nature, this vulnerability presents a significant security risk, highlighting the importance of keeping systems updated to mitigate exploitation.
CISA has reported CVE-2025-32709
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-32709 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.21014
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8066
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7314