A heap‑based buffer overflow in the Windows Kernel permits an attacker with local execution rights to gain elevated privileges, potentially compromising the entire system. The flaw exploits improper bounds checking, classified under CWE‑122 (Heap Based Buffer Overflow) and CWE‑787 (Out‑of‑Bounds Write). Once exploited, the attacker can run code with system privileges, leading to unauthorized access, data exfiltration, or further lateral movement within the local network.

Microsoft Windows 10 versions 1607, 1809, 21H2, and 22H2, as well as Windows 11 versions 23H2, 24H2, 25H2, and 22H3 are affected. Windows Server editions from 2012 through 2025, including Server Core installations and the 23H2 edition, also contain the vulnerability. All listed builds rely on the same kernel code path that suffers from the buffer overflow.

The CVSS score of 7.8 reflects a high severity for local privilege escalation. The EPSS score, below 1 %, indicates a very low probability of exploitation in the wild at the time of this analysis, and the vulnerability is not currently in the CISA KEV catalog. Exploitation requires local code execution; an attacker must either run malicious code or manipulate a process that can allocate the vulnerable heap object. As the flaw resides in the kernel, successful exploitation results in full system compromise. The overall risk is moderate-high for environments with weak local access controls, particularly those running unpatched systems.