CVE-2025-62221
published 2025-12-09CVE-2025-62221: Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEV
CISA Known Exploited Vulnerabilitydue 2025-12-30
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.8146 | 10.0.17763.8146 |
| microsoft | windows_10_21h2 | < 10.0.19044.6691 | 10.0.19044.6691 |
| microsoft | windows_10_22h2 | < 10.0.19045.6691 | 10.0.19045.6691 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8146 | 10.0.17763.8146 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6691 | 10.0.19044.6691 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6691 | 10.0.19045.6691 |
| microsoft | windows_11_23h2 | < 10.0.22631.6345 | 10.0.22631.6345 |
| microsoft | windows_11_24h2 | < 10.0.26100.7392 | 10.0.26100.7392 |
| microsoft | windows_11_25h2 | < 10.0.26200.7392 | 10.0.26200.7392 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6345 | 10.0.22631.6345 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6345 | 10.0.22631.6345 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.7462 | 10.0.26100.7462 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.7462 | 10.0.26200.7462 |
| microsoft | windows_server_2019 | < 10.0.17763.8146 | 10.0.17763.8146 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8146 | 10.0.17763.8146 |
| microsoft | windows_server_2022 | < 10.0.20348.4467 | 10.0.20348.4467 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.4529 | 10.0.20348.4529 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.2025 | 10.0.25398.2025 |
| microsoft | windows_server_2025 | < 10.0.26100.7392 | 10.0.26100.7392 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.7462 | 10.0.26100.7462 |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
| msrc | windows_11_version_24h2 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
cisa7.8HIGH