← back
CVE-2025-32709

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVSS 7.8 HIGHEPSS 1.7%● KEVCWE-416
Vexday Risk Score
71High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7.8EPSS 1.7%KEV simPoC públicaNuclei Metasploit Patch referenciado
Lifecycle
13 May 2025Active exploitation (CISA KEV)
13 May 2025Published on NVD
04 Sep 2025Public PoC
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A bug in Windows networking software allows someone with basic user access to crash the system or gain admin-level control by exploiting unsafe memory handling.

Technical detail

Null pointer dereference in the Windows Ancillary Function Driver for WinSock (CWE-416) enables local privilege escalation when an authenticated attacker triggers improper memory access, leading to kernel-mode code execution without requiring additional exploitation techniques.

Summary generated and translated by AI from the official description.
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →