PT-2025-20995 · Microsoft · Windows Common Log File System Driver+1
Dan Reynolds
+1
·
Published
2025-05-13
·
Updated
2025-05-15
·
CVE-2025-30385
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Windows Common Log File System Driver versions prior to the fixed version
Description:
The issue is related to a use-after-free flaw in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges locally. This could potentially impact system security.
Recommendations:
For Windows 10 and 11, apply patch KB5058411.
For Windows Server, apply patch KB5058405.
As a temporary workaround, consider restricting access to the Windows Common Log File System Driver until a patch is applied.
Fix
LPE
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Common Log File System Driver