CVE-2025-29824 - Use After Free vulnerability in Microsoft products
- Attack vector: LOCAL
- Attack complexity: LOW
- Privileges required: LOW
- Confidentiality impact: HIGH
- Integrity impact: HIGH
- Availability impact: HIGH
Summary
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Related news
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed (source)
- Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization (source)
- May 2025 Patch Tuesday forecast: Panic, change, and hope (source)
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824
- https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script
- https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script