Impact
The flaw is a missing authentication check that permits an authorized local user to call a critical VSP Driver procedure without proper verification. This omission is rooted in improper authentication mechanisms and potential path handling weaknesses, as reflected by the associated weakness types. When exploited, the attacker can raise their privileges, potentially gaining administrative rights on the host and compromising confidentiality and integrity of the system.
Affected Systems
Microsoft Windows 10 versions 1809, 21H2, 22H2; Windows 11 versions 22H3, 23H2, 24H2, 25H2; Windows Server 2019; Windows Server 2022 including the 23H2 Edition Server Core; and Windows Server 2025 including Server Core. Both 32‑bit and 64‑bit builds are affected as the vendor’s information covers x86 and x64 platforms.
Risk and Exploitability
The CVSS score of 7.8 rates the issue as high severity, but an EPSS score of 2% indicates a low probability of exploitation in the near term. The vulnerability is not listed in the CISA KEV catalog, suggesting no large‑scale exploitation has been observed. Based on the description, a local attacker with the ability to invoke the vulnerable driver function—likely via an existing local privilege or by executing custom code—can bypass authentication checks and elevate their privileges. Remote exploitation is not implied by the available data.
OpenCVE Enrichment