Microsoft · Windows · CVE-2025-50168
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows versions (affected versions not specified)
**Description**
The issue relates to a type confusion in the Win32k.sys component of the Windows operating system. This type confusion occurs during resource access through incompatible types within the ICOMP component. Successful exploitation could allow an attacker to elevate privileges locally. The vulnerability was discovered during the Pwn2Own competition.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.