CVE-2025-60710
Host Process for Windows Tasks Elevation of Privilege Vulnerability
Vexday Risk Score
71 · High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7.8 · EPSS 4.6% · KEV yes · Public PoC · Nuclei — · Metasploit — · Patch referenced
Lifecycle
11 Nov 2025: Published on NVD
11 Nov 2025: Public PoC
13 Apr 2026: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A flaw in the Host Process for Windows Tasks allows an authorized user on the system to gain higher privileges by exploiting how the system resolves file links. An attacker with local access can trick the system into accessing files they shouldn't be able to reach, gaining admin-level permissions.
Technical detail
A CWE-59 link-following vulnerability in Host Process for Windows Tasks enables local privilege escalation when the process improperly resolves symbolic or hard links before file access. An authenticated local attacker can exploit this to execute arbitrary code with elevated privileges; exploitation requires prior local system access.
Summary generated and translated by AI from the official description.
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Windows 11 Version 24H2
Microsoft · Windows 11 Version 25H2
Microsoft · Windows Server 2025
Microsoft · Windows Server 2025 (Server Core installation)
Public PoCs found — 2
github.com/redpack-kr/CVE-2025-60710 (★ 24)
github.com/Wh04m1001/CVE-2025-60710 (★ 5)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710
https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks
https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks