CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows.

This security flaw, tracked as CVE-2025-62215, affects the Windows Kernel and could allow attackers to escalate their privileges if successfully exploited.

Overview of the Vulnerability

CVE-2025-62215 is a race condition vulnerability in the core of Microsoft Windows, the Windows Kernel.

A race condition occurs when multiple processes access shared resources in a way that causes unintended behavior.

In this case, the flaw means a local attacker, someone already on a computer with limited access, could exploit the vulnerability to gain SYSTEM-level privileges, the highest level of access in Windows systems.

This would give the attacker complete control of the affected device. CISA’s alert followed researchers’ discovery of hackers exploiting this vulnerability in the wild.

While the known use in ransomware campaigns remains unclear, gaining SYSTEM ...