⚠ Actively exploited
Added to CISA KEV on 2025-12-09. Federal agencies required to patch by 2025-12-30. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2025-62221Use After Free in Microsoft Windows 10 Version 1809

CWE-416Use After Free20 documents15 sources
Severity
7.8HIGHNVD
EPSS
3.2%
top 13.08%
CISA KEV
KEV
Added 2025-12-09
Due 2025-12-30
Exploit
No known exploits
Affected products
17
Microsoft Windows 10 Version 1809Microsoft Windows 10 Version 21h2Microsoft Windows 10 Version 22h2+14 more
Timeline
PublishedDec 9
KEV addedDec 9
KEV dueDec 30
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages17 packages

NVDmicrosoft/windows< 10.0.17763.8146+3
NVDmicrosoft/windows_10_1809< 10.0.17763.8146
NVDmicrosoft/windows_10_21h2< 10.0.19044.6691
NVDmicrosoft/windows_10_22h2< 10.0.19045.6691
NVDmicrosoft/windows_11_23h2< 10.0.22631.6345

🔴Vulnerability Details

3
GHSA
GHSA-4xhr-vh2p-rpch: Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally2025-12-09
CVEList
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability2025-12-09
VulnCheck
Microsoft Windows Use After Free Vulnerability2025

📋Vendor Advisories

2
CISA
Microsoft Windows Use After Free Vulnerability2025-12-09
Microsoft
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability2025-12-09

🕵️Threat Intelligence

14
Tenable
Microsoft’s December 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-62221)2025-12-09
Krebs
Microsoft Patch Tuesday, December 2025 Edition2025-12-09
Talos
Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities2025-12-09
Qualys
Microsoft and Adobe Patch Tuesday, December 2025 Security Update Review2025-12-09
Talos
Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities2025-12-09
CVE-2025-62221 — Use After Free in Microsoft | cvebase