⚠ Actively exploited
Added to CISA KEV on 2025-05-13. Federal agencies required to patch by 2025-06-03. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..
CVE-2025-32709 — Use After Free in Microsoft Windows 10 Version 1507
Severity
7.8HIGHNVD
EPSS
0.6%
top 30.94%
CISA KEV
KEV
Added 2025-05-13
Due 2025-06-03
Exploit
No known exploits
Affected products
Timeline
PublishedMay 13
KEV addedMay 13
KEV dueJun 3
Latest updateApr 16
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Description
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages26 packages
🔴Vulnerability Details
4VulDB▶
Microsoft Windows up to Server 2025 Ancillary Function Driver for WinSock use after free (EUVD-2025-14439 / Nessus ID 306737)↗2026-04-16
CVEList
▶
GHSA▶
GHSA-jwq6-vvcv-h2px: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally↗2025-05-13
📋Vendor Advisories
2🕵️Threat Intelligence
9Tenable▶
Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)↗2025-05-13