CVE-2025-59241
Published: 2025-10-14
Priority: P3 45 · Severity: high · CVSS 3.1 base score: 7.8
CVSS vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.32% (23.0th percentile)
Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.
Affected (8 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_24h2 | < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_11_25h2 | < 10.0.26200.6899 | 10.0.26200.6899 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.6899 | 10.0.26200.6899 |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_x64-based_systems | — | — |
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| vendor_msrc | — | 7.8 | HIGH | — |
Microsoft (vendor_msrc · 2025-10-14 · CVSS 7.8)
CVE-2025-59241 [HIGH] CWE-59: Windows Health and Optimized Experiences Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain administrator privileges.
Affected component: Windows Health and Optimized Experiences Service
Vendor: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/
GHSA (ghsa_unreviewed · 2025-10-14)
GHSA-4f37-vrhf-j285 · CVE-2025-59241 [HIGH] CWE-59
Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.
No detection rules found.
No public exploits indexed.
Published: 2025-10-14