VDB
GCVE-110-NCSC-2025-383
GCVE-110-NCSC-2025-383
Advisory PublishedCVSS 7.8/10
A heap-based buffer overflow vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized attacker to locally elevate their privileges.
Weaknesses (CWE)
CWE-122Heap-based Buffer OverflowCWE-125Out-of-bounds ReadCWE-476NULL Pointer DereferenceCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-416Use After FreeCWE-126Buffer Over-readCWE-822Untrusted Pointer DereferenceCWE-20Improper Input ValidationCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-284Improper Access ControlCWE-306Missing Authentication for Critical FunctionCWE-191Integer Underflow (Wrap or Wraparound)
Risk Scores
CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:unknown/* | — | — |
Aliases
CVE-2025-55233CVE-2025-59516CVE-2025-59517CVE-2025-62221CVE-2025-62454CVE-2025-62455CVE-2025-62456CVE-2025-62457CVE-2025-62458CVE-2025-62461CVE-2025-62462CVE-2025-62463CVE-2025-62464CVE-2025-62465CVE-2025-62466CVE-2025-62467CVE-2025-62468CVE-2025-62469CVE-2025-62470CVE-2025-62472CVE-2025-62473CVE-2025-62474CVE-2025-62549CVE-2025-62565CVE-2025-62567CVE-2025-62569CVE-2025-62570CVE-2025-62571CVE-2025-62572CVE-2025-62573CVE-2025-64658CVE-2025-64661CVE-2025-64670CVE-2025-64673CVE-2025-64678CVE-2025-64679CVE-2025-64680
References
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.