Elevated Privilege Vulnerability in Windows Kernel by Microsoft
CVE-2025-59187

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows 11 Version 25h2
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Vendor
CVE Published:
14 October 2025

What is CVE-2025-59187?

A vulnerability has been identified in the Windows Kernel due to improper input validation. This flaw enables authorized attackers to gain elevated privileges locally, potentially allowing them to execute unauthorized actions and access sensitive data. Maintaining updated systems and applying relevant patches is crucial to mitigate the risks associated with this vulnerability.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.21161

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8519

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7919

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-59187 : Elevated Privilege Vulnerability in Windows Kernel by Microsoft