Vulnerability Identifier

CVE-2025-62221

2025-12-09

Severity Assessment

7.8

HIGH

CVSS v3.x Score

CISA KEV Active Alert

Date Added

01 Jan 1970

Due Date

N/A

Required Action

Apply updates per vendor instructions.

Clinical Analysis (Description)

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Vector Sequencing

Attack Parameters

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Impact Consequences

Technical Impact

Unchanged

Scope

High

Confidentiality

High

Integrity

High

Availability

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Classification

CWE-CWE-416

View CWE Details ↗

Affected Population

Affected Configurations

Total: 85 detected entries

Software List Scrollable

windows_10_22h2

Vendor: microsoft • v10.0.19045.2728

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1551

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1486

windows_10_22h2

Vendor: microsoft • v10.0.19045.2788

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1965

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1913

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1369

windows_10_22h2

Vendor: microsoft • v10.0.19045.3930

windows_10_22h2

Vendor: microsoft • v10.0.19045.5011

windows_10_22h2

Vendor: microsoft • v10.0.19045.5371

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1425

windows_11_25h2

Vendor: microsoft • v10.0.26200.7171

windows_10_22h2

Vendor: microsoft • v10.0.19045.4046

windows_10_22h2

Vendor: microsoft • v10.0.19045.4651

windows_10_22h2

Vendor: microsoft • v10.0.19045.4291

windows_10_22h2

Vendor: microsoft • v10.0.19045.4412

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1308

windows_10_22h2

Vendor: microsoft • v10.0.19045.3803

windows_10_22h2

Vendor: microsoft • v10.0.19045.3516

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.531

windows_10_22h2

Vendor: microsoft • v10.0.19045.5737

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1916

windows_10_22h2

Vendor: microsoft • v10.0.19045.2673

windows_10_22h2

Vendor: microsoft • v10.0.19045.5608

windows_10_22h2

Vendor: microsoft • v10.0.19045.6575

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1251

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.887

windows_10_22h2

Vendor: microsoft • v10.0.19041.3920

windows_10_22h2

Vendor: microsoft • v10.0.19045.2965

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.521

windows_10_22h2

Vendor: microsoft • v10.0.19045.2604

windows_11_25h2

Vendor: microsoft • v10.0.26200.7092

windows_10_22h2

Vendor: microsoft • v10.0.19045.2486

windows_10_22h2

Vendor: microsoft • v10.0.19045.2846

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1128

windows_10_22h2

Vendor: microsoft • v10.0.19045.2546

windows_10_22h2

Vendor: microsoft • v10.0.19045.6332

windows_10_22h2

Vendor: microsoft • v10.0.19045.5854

windows_10_22h2

Vendor: microsoft • v10.0.19045.3271

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.763

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1732

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1665

windows_10_22h2

Vendor: microsoft • v10.0.19045.4894

windows_10_22h2

Vendor: microsoft • v10.0.19045.4170

windows_10_22h2

Vendor: microsoft • v10.0.19045.2913

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1189

windows_10_22h2

Vendor: microsoft • v10.0.19045.3086

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1611

windows_10_22h2

Vendor: microsoft • v10.0.19045.6321

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1009

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1849

windows_10_22h2

Vendor: microsoft • v10.0.19045.2364

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1791

windows_10_22h2

Vendor: microsoft • v10.0.19045.2130

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.830

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.950

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.709

windows_10_22h2

Vendor: microsoft • v10.0.19045.3208

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1840

windows_10_22h2

Vendor: microsoft • v10.0.19045.5247

windows_10_22h2

Vendor: microsoft • v10.0.19044.2486

windows_10_22h2

Vendor: microsoft • v10.0.19045.6216

windows_10_22h2

Vendor: microsoft • v10.0.19045.6456

windows_10_22h2

Vendor: microsoft • v10.0.19045.3693

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1668

windows_10_22h2

Vendor: microsoft • v10.0.19045.5965

windows_10_22h2

Vendor: microsoft • v10.0.19045.5131

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.584

windows_10_22h2

Vendor: microsoft • v10.0.19045.6093

windows_10_22h2

Vendor: microsoft • v10.0.19044.3324

windows_10_22h2

Vendor: microsoft • v10.0.19045.3570

windows_10_22h2

Vendor: microsoft • v10.0.19045.5487

windows_11_25h2

Vendor: microsoft • v10.0.26200.6899

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.1085

windows_10_22h2

Vendor: microsoft • v10.0.19045.3393

windows_10_22h2

Vendor: microsoft • v10.0.19045.3324

windows_10_22h2

Vendor: microsoft • v10.0.19045.2251

windows_10_22h2

Vendor: microsoft • v10.0.19045.3448

windows_10_22h2

Vendor: microsoft • v10.0.19042.2486

windows_10_22h2

Vendor: microsoft • v10.0.19045.2311

windows_10_22h2

Vendor: microsoft • v10.0.19045.3087

windows_10_22h2

Vendor: microsoft • v10.0.19045.3031

windows_10_22h2

Vendor: microsoft • v10.0.19045.3155

windows_10_22h2

Vendor: microsoft • v10.0.19045.4780

windows_server_2022_23h2

Vendor: microsoft • v10.0.25398.643

Timeline

Time Line

PUBLICATION

09 Dec 2025

MODIFICATION

10 Dec 2025

Impact Statistics

Key Metrics

CVSS Score

7.8

HIGH

Products

Affected

Articles

Published

Active Exploitation Confirmed

Remediation Protocol

Immediate Action Plan

1. Inventory

Identify all affected systems in your infrastructure.

2. Assessment

Assess exposure and criticality for your organization.

3. Mitigation

Apply patches or available workarounds.

4. Verification

Test and confirm effectiveness of applied measures.

⚠️ MAXIMUM PRIORITY - Immediate action required

Sources & Bibliography

NIST NVD MITRE CVE External Reference ↗ External Reference ↗

CVE Vulnerabilities

Posts & Pages

CVE-2025-62221

CISA KEV Active Alert

Attack Parameters

Technical Impact

CWE-CWE-416

Affected Configurations

Time Line

Key Metrics

Recommended Solution

Related News Articles

Microsoft Patch Tuesday, December 2025 Edition: A Comprehensive Security Update

Immediate Action Plan

1. Inventory

2. Assessment

3. Mitigation

4. Verification