Windows Kernel 0-Day Under Active Exploitation for Privilege Escalation
gbhackersMicrosoft has disclosed a critical Windows Kernel vulnerability that is currently under active exploitation in the wild.
Tracked as CVE-2025-62215, the flaw enables attackers to escalate privileges and gain elevated access on vulnerable Windows systems.
| Attribute | Details |
|---|---|
| CVE ID | CVE-2025-62215 |
| Type | Elevation of Privilege |
| Release Date | November 11, 2025 |
| Severity | Important |
| CVSS Score | 7.0 (6.5 Alternative) |
Vulnerability Details
The vulnerability is an elevation-of-privilege flaw in the Windows Kernel that stems from improper synchronization when multiple processes access shared resources simultaneously.
The weakness, classified under CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization) and CWE-415 (Double Free), allows local attackers with limited privileges to exploit a race condition and execute arbitrary code with system-level permissions.
Released on November 11, 2025, CVE-2025-62215 carries an “Important” severity rating with a CVSS 3.1 score of 7.0 (Microsoft assessment).
The vulnerability requires local access to exploit, meaning an attacker must ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE