Elevation of Privilege Vulnerability in Windows Cloud Files Mini Filter Driver
CVE-2025-62221

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows 10 Version 1809
Windows 10 Version 21h2
Windows 10 Version 22h2
Windows Server 2025 (server Core Installation)
Vendor
CVE Published:
9 December 2025

Badges

๐Ÿ‘พ Exploit Exists๐Ÿฆ… CISA Reported๐Ÿ“ฐ News Worthy

What is CVE-2025-62221?

A use after free vulnerability in the Windows Cloud Files Mini Filter Driver can allow an authorized attacker to execute local privilege escalation. By exploiting this flaw, attackers may gain elevated privileges, potentially compromising system integrity. It is crucial for users to be aware of this risk and apply the necessary security patches provided by Microsoft to safeguard their systems.

CISA has reported CVE-2025-62221

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-62221 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.8146

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.6691

Windows 10 Version 22H2 ARM64-based Systems 10.0.19045.0 < 10.0.19045.6691

News Articles

favicon imageSOC Prime

CVE-2025-62221 and CVE-2025-54100: Windows Elevation of Privilege and RCE Zero-Day Vulnerabilities Patched | SOC Prime

Explore details for CVE-2025-62221 and CVE-2025-54100 zero-day vulnerabilities in Windows products, with an in-depth analysis on our SOC Prime blog.

favicon imageRS Web Solutions

Warning, Cybercriminals Exploiting Windows and WinRAR Flaws

Urgent alert: Cybercriminals are exploiting critical Windows and WinRAR vulnerabilities. Discover how to protect your data before itโ€™s too late.

favicon imageCyber Daily

Alert! Hackers targeting Windows and WinRAR vulnerabilities

The US cyber agency has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿฆ…

    CISA Reported

  • ๐Ÿ“ฐ

    First article discovered by theregister.com

  • Vulnerability published

  • Vulnerability Reserved

JSON
.