Race Condition Vulnerability in Windows DirectX by Microsoft
CVE-2025-60723

6.3MEDIUM

Key Information:

Vendor

Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
11 November 2025

What is CVE-2025-60723?

A race condition in Windows DirectX arises due to improper synchronization when multiple executions access shared resources simultaneously. An authenticated attacker could exploit this vulnerability to cause a denial of service, leading to disruption of service over a network. This presents a potential risk to system integrity and availability, necessitating prompt updates and security measures by users and administrators.

Affected Version(s)

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.8027

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.6575

Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.6575

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-60723 : Race Condition Vulnerability in Windows DirectX by Microsoft