PT-2025-46508 · Microsoft · Windows Kernel+1
Published 2025-11-11 · Updated 2026-06-16
CVE-2025-62215
CVSS v3.1: 7.0 High
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Microsoft Windows (affected versions not specified)
Description
A race condition exists in the Windows Kernel due to improper synchronization when multiple threads concurrently access shared kernel resources. This flaw allows a local authenticated attacker with low privileges to manipulate the kernel state and perform privileged operations, resulting in an escalation to SYSTEM privileges and complete control over the affected machine. Technical analysis indicates the issue occurs in ntoskrnl.exe when the SepDuplicateToken() function prematurely releases a lock during token duplication, leading to a double free (a situation where memory is released twice) during the execution of the internal function SepMakeTokenEffectiveOnly(). This memory corruption allows the attacker to overwrite the kernel heap and hijack the system execution flow. This issue has been actively exploited in the wild.
Recommendations
Apply the Microsoft November 2025 security updates to correct the synchronization logic and prevent unsafe concurrent access to kernel resources.
Exploit
Fix
DoS
RCE
LPE
Race Condition
Double Free
Related Identifiers
Affected Products
Windows
Windows Kernel