CVE-2025-32706

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver versions prior to the fixed version

Description The issue is related to improper input validation in the Windows Common Log File System Driver, allowing an authorized attacker to elevate privileges locally. This vulnerability has been exploited in real-world attacks, with cases reported in companies in the USA, Venezuela, Spain, and Saudi Arabia. The estimated number of potentially affected devices is not specified.

Recommendations To resolve the issue, update the Windows Common Log File System Driver to the latest version. As a temporary workaround, consider restricting access to the vulnerable driver until a patch is available. Additionally, ensure that all security updates from Microsoft are installed, as they may include patches for this vulnerability. If no specific fix is provided for a particular version, it is recommended to follow general best practices for securing Windows systems.