CVE-2025-62215

Name of the Vulnerable Software and Affected Versions Microsoft Windows (affected versions not specified)

Description A race condition exists in the Windows Kernel due to improper synchronization when multiple threads concurrently access shared kernel resources. This flaw, which involves a double free (a situation where the system attempts to release the same memory block twice), can lead to kernel heap corruption and allow an attacker to overwrite memory and hijack the system execution flow. Specifically, the issue occurs in ntoskrnl.exe when the SepDuplicateToken() function prematurely releases a lock during token duplication, affecting the internal function SepMakeTokenEffectiveOnly(). A local authenticated attacker with low privileges can exploit this to elevate their privileges to SYSTEM, granting complete control over the affected machine. This issue has been actively exploited in the wild.

Recommendations Apply the Microsoft November 2025 security updates to correct the synchronization logic and prevent unsafe concurrent access to kernel resources.