Impact
A heap-based buffer overflow exists within the Windows NTFS file system component. When an authorized local user causes NTFS to process crafted input, the overflow permits execution of arbitrary code in the context of the NTFS process. The weakness is classified as CWE‑122.
Affected Systems
Microsoft Windows 10 versions 1607, 1809, 21H2, 22H2; Windows 11 versions 22H3, 23H2, 24H2, 25H2; Windows Server 2008 R2 SP1, 2008 SP2, 2012, 2012 R2, 2016, 2019, 2022 (including the 23H2 edition), and 2025 (including Server Core installations).
Risk and Exploitability
The CVSS score of 7.8 indicates a high severity local impact, while the EPSS score of 2% suggests a low probability of exploitation at present. The vulnerability is not currently listed in the CISA KEV catalog. Exploitation requires an attacker to have authorized local access and to trigger the NTFS heap overflow, after which malicious code would run in the context of the NTFS process.
OpenCVE Enrichment