CVE-2025-62218 — Race Condition in Microsoft Windows 10 Version 1607

CWE-362 — Race Condition4 documents4 sources

Severity

7.0HIGHNVD

EPSS

0.0%

top 92.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Version 1607 Microsoft Windows 10 Version 1809 Microsoft Windows 10 Version 21h2 +12 more

Timeline

PublishedNov 11

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages15 packages

▶NVDmicrosoft/windows_10_1607< 10.0.14393.8594

▶NVDmicrosoft/windows_10_1809< 10.0.17763.8027

▶NVDmicrosoft/windows_10_21h2< 10.0.19044.6575

▶NVDmicrosoft/windows_10_22h2< 10.0.19045.6575

▶NVDmicrosoft/windows_11_23h2< 10.0.22631.6199

🔴Vulnerability Details

CVEList

Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability↗2025-11-11

▶

GHSA

GHSA-ch5c-7857-6hrv: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an author↗2025-11-11

▶

📋Vendor Advisories

Microsoft

Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability↗2025-11-11

▶