CVE-2025-60718
Published 2025-11-11
CVE-2025-60718: Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
Priority P344 · high · 7.8 · CVSS 3.1
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.41% (32.2th percentile)
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_24h2 | < 10.0.26100.7092 | 10.0.26100.7092 |
| microsoft | windows_11_25h2 | < 10.0.26200.7092 | 10.0.26200.7092 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.7171 | 10.0.26100.7171 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.7171 | 10.0.26200.7171 |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_x64-based_systems | — | — |
CVSS provenance
nvd · v3.1 · 7.8 · HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc · 7.8 · HIGH
Microsoft
Windows Administrator Protection Elevation of Privilege Vulnerability
vendor_msrc·2025-11-11·CVSS 7.8
CVE-2025-60718 [HIGH] CWE-426 Windows Administrator Protection Elevation of Privilege Vulnerability
Description: Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
With successful exploitation of this vulnerability, an attacker could gain elevated privileges equivalent to a system managed administrator, allowing them to execute arbitrary code with high integrity and bypass administrator protections.
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Refe
GHSA
GHSA-c6hg-4787-fv6f: Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-11-11
CVE-2025-60718 [HIGH] CWE-426 GHSA-c6hg-4787-fv6f: Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally
Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
No detection rules found.
No public exploits indexed.
2025-11-11: Published