KEVIntel

Vulnerability detail

Enriched intelligence for a single CVE

PRO Back to KEVs

7.8

CVSS
High

CVE-2025-60710

PUBLISHED

Host Process for Windows Tasks Elevation of Privilege Vulnerability

1 day faster than CISA KEV

Exploited in the wild Low complexity No user interaction

Vendor: Microsoft
Product: Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2025, Windows Server 2025 (Server Core installation)
Published: Nov 11, 2025
EPSS: 19.0% · 95% pctl

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

windows cisa microsoft

Weaknesses (CWE)

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2026-06-01 13:07:10 UTC · CVE

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CVE First	2026-06-01 13:07 UTC
CISA	2026-06-02 14:02 UTC

Timeline

CVE ID Reserved

2025-09-26 05:03 UTC
CVE Published to Public

2025-11-11 17:59 UTC
Added to KEVIntel

2026-06-01 13:07 UTC
KEV confirmed by CISA

2026-06-02 14:02 UTC