Privilege Escalation Vulnerability in Windows Administrator Protection by Microsoft
CVE-2025-60718

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows 11 Version 24h2; Windows 11 Version 25h2
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-60718?

An untrusted search path vulnerability in Windows Administrator Protection allows an authorized attacker to gain elevated privileges locally. This flaw can be exploited to escalate user privileges, compromising system integrity and enabling unauthorized actions within the Windows environment. It is crucial for users and administrators to ensure their systems are updated to mitigate the risk stemming from this vulnerability.

Affected Version(s)

Windows 11 Version 24H2 ARM64-based Systems 10.0.26100.0 < 10.0.26100.7171

Windows 11 Version 25H2 Unknown 10.0.26200.0 < 10.0.26200.7171

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Sep 26, 2025

JSON