CVE-2025-25008
HIGHDescription
Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
Is your site exposed to CVE-2025-25008?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | windows_server_2016 |
| microsoft | windows_server_2019 |
| microsoft | windows_server_2022 |
| microsoft | windows_server_2022_23h2 |
| microsoft | windows_server_2025 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-25008? +
How severe is CVE-2025-25008? +
What products are affected by CVE-2025-25008? +
How do I check if I'm vulnerable to CVE-2025-25008? +
Related Vulnerabilities
Activepieces is an open source AI workflow automation platform. Prior to 0.82.0, the git-sync feature clones a user-configured Git repository …
Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to …
An Improper link resolution before file access ('link following') vulnerability in the File Shredder module as used in Bitdefender Total …
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially …
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR …
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.