CVE CVE

CVE-2025-32706

CISA Known Exploited Vulnerability (KEV)

Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

May 13, 2025

June 3, 2025

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Weakness Enumeration

CWE-ID CWE Name

CWE-20
Improper Input Validation

Known Affected Software Configurations


cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5965:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5737:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7969:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.14393.5989:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8148:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5854:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20978:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3476:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5189:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5737:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3775:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5011:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5965:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7876:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20978:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21014:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5335:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5854:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5335:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6414:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5854:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8148:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5191:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7970:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5189:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5965:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5189:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5854:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7876:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5965:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7137:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7136:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3476:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3775:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21034:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21034:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20947:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5472:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5737:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5854:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5737:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7136:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5737:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5472:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5335:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22631.5191:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7009:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5854:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8066:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5472:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7969:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7970:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8066:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5965:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7009:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5191:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20947:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7428:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7434:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5335:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5189:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5011:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20796:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7434:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3775:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7314:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7314:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.5472:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21014:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5737:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.5191:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5965:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.4046:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4046:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.4046:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4046:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5458:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5458:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.4046:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5576:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2314:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2025:-:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1085:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1251:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.763:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1251:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1128:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.763:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1009:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.950:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1189:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1189:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1009:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.887:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.887:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.830:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.830:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.950:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1128:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.1085:*:*:*:azure:*:x64:*

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
7.8
Severity:

HIGH

Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2

Not defined