CVE-2025-49762Race Condition in Microsoft Windows 10 Version 1507

CWE-362Race Condition4 documents4 sources
Severity
7.0HIGHNVD
EPSS
0.1%
top 83.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
27
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+24 more
Timeline
PublishedAug 12

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages26 packages

NVDmicrosoft/windows< 10.0.14393.8330+5
NVDmicrosoft/windows_10_1507< 10.0.10240.21100
NVDmicrosoft/windows_10_1607< 10.0.14393.8330
NVDmicrosoft/windows_10_1809< 10.0.17763.7678
NVDmicrosoft/windows_10_21h2< 10.0.19044.6216

🔴Vulnerability Details

2
GHSA
GHSA-xh2c-5r7j-3g84: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an2025-08-12
CVEList
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability2025-08-12

📋Vendor Advisories

1
Microsoft
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability2025-08-12
CVE-2025-49762 — Race Condition in Microsoft | cvebase