Skip to main content

Winlogon CVE-2026-25187

HIGH
Improper Link Resolution Before File Access (CWE-59)
2026-03-10 secure@microsoft.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Mar 10, 2026 - 18:18 nvd
HIGH 7.8

DescriptionCVE.org

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

AnalysisAI

Windows Winlogon's failure to properly validate symbolic links before file access enables local privilege escalation on affected Windows Server and Windows 10/11 systems. An authenticated attacker can exploit this vulnerability to gain elevated system privileges without user interaction. No patch is currently available for this high-severity issue affecting multiple Windows versions including Server 2025 and Windows 11 26h1.

Technical ContextAI

Classified as CWE-59 (Improper Link Resolution Before File Access). Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-25187 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy