CVE-2025-27492
published 2025-04-08CVE-2025-27492: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate…
PriorityP335high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
EPSS
0.31%
22.0th percentile
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_23h2 | < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_24h2 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2022 | < 10.0.20348.3453 | 10.0.20348.3453 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3453 | 10.0.20348.3453 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1551 | 10.0.25398.1551 |
| microsoft | windows_server_2025 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.0HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m8qx-v899-58w7: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to
ghsa_unreviewed·2025-04-08
CVE-2025-27492 [HIGH] CWE-362 GHSA-m8qx-v899-58w7: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
Microsoft
Windows Secure Channel Elevation of Privilege Vulnerability
vendor_msrc·2025-04-08·CVSS 7.0
CVE-2025-27492 [HIGH] CWE-362 Windows Secure Channel Elevation of Privilege Vulnerability
Windows Secure Channel Elevation of Privilege Vulnerability
Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain domain administrator privileges.
Windows Secure Channel: Windows Secure Channel
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Ex
No detection rules found.
No public exploits indexed.
2025-04-08
Published