CVE-2025-25008

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*

History

01 Jul 2025, 19:48

Type Values Removed Values Added
First Time Microsoft
Microsoft windows Server 2016
Microsoft windows Server 2022 23h2
Microsoft windows Server 2019
Microsoft windows Server 2025
Microsoft windows Server 2022
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25008 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25008 - Vendor Advisory
CPE cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*

11 Mar 2025, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-03-11 17:16

Updated : 2025-07-01 19:48


NVD link : CVE-2025-25008

Mitre link : CVE-2025-25008


JSON object : View

Products Affected

microsoft

  • windows_server_2022_23h2
  • windows_server_2022
  • windows_server_2025
  • windows_server_2016
  • windows_server_2019
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')