Impact
The vulnerability is a type confusion flaw in the Windows Win32K graphics kernel component, specifically the ICOMP interface. An authorized local user can supply crafted input that the kernel interprets as an incompatible type, allowing the attacker to execute code or alter data with elevated privileges. The result is a local privilege escalation that can give the attacker system-level rights on the affected machine.
Affected Systems
Affected systems include Microsoft Windows 11 releases 23H2, 24H2, 25H2, and 22H3, on both x64 and ARM64 architectures, as well as Windows Server 2022 and Windows Server 2025, including their Server Core installations. The flaw is present across these OS releases and on all supported processors noted in the CPE entries.
Risk and Exploitability
The CVSS score of 7.8 categorizes the issue as high severity, while the EPSS score of less than 1 % indicates a low current probability of exploitation. The bug is not listed in the CISA KEV catalog, suggesting that no public exploitation has been reported. An attacker would need local access and the ability to trigger the type confusion via the Win32K subsystem. Once exploited, the attacker gains administrator-level rights, enabling further compromise of the system, data exfiltration, or deployment of malicious code. Organizations with unpatched Windows 11 or Windows Server machines should prioritize applying the security update immediately.
OpenCVE Enrichment