CVE-2026-25187
Published 2026-03-10
CVE-2026-25187: Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
Severity: High, 7.8 (CVSS 3.1)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected
43 ranges, showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_1809 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_21h2 | < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_22h2 | < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_11_23h2 | < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_24h2 | < 10.0.26100.7979 | 10.0.26100.7979 |
| microsoft | windows_11_25h2 | < 10.0.26200.7979 | 10.0.26200.7979 |
| microsoft | windows_11_26h1 | < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.8037 | 10.0.26100.8037 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.8037 | 10.0.26200.8037 |
| microsoft | windows_11_version_26h1 | >= 10.0.28000.0 < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25973 | 6.2.9200.25973 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.23074 | 6.3.9600.23074 |
| microsoft | windows_server_2016 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2019 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2022 | < 10.0.20348.4830 | 10.0.20348.4830 |
CVSS provenance
nvd: v3.1, 7.8 HIGH, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck: 7.8 HIGH