Vulnerability Details CVE-2025-60710
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.18
EPSS Ranking 95.2%
CVSS Severity
CVSS v3 Score 7.8
Proposed Action
Microsoft Windows contains a link following vulnerability that allows for privilege escalation
Ransomware Campaign
Unknown
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710
- https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks
- https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710
Products affected by CVE-2025-60710
-
cpe:2.3:o:microsoft:windows_11_24h2:-
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.1742
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2033
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2161
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2314
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2454
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2605
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2894
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3107
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3194
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3403
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3476
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3775
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3981
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4061
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4270
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4349
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4652
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4851
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4946
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6508
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6563
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6584
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6899
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.7092
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.7171
-
cpe:2.3:o:microsoft:windows_11_25h2:-
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.6899
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.7092
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.7171
-
cpe:2.3:o:microsoft:windows_server_2025:-
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2033
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2314
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2605
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2894
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3107
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3194
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3403
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3476
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3775
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3781
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3981
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4061
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4066
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4270
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4349
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4652
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4656
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4851
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4946
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6508
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6563
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6584
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6899
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6905
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7092
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7171