A heap‑based buffer overflow exists within the Windows kernel that allows an authorized user to increase privileges on the affected system. The vulnerability can be triggered by a privileged process causing the kernel to write beyond the bounds of a heap buffer, potentially compromising system integrity and confidentiality. The impact is that an attacker who already has local access can obtain elevated privileges, which may enable further attacks such as remote code execution, data exfiltration, or persistence of malicious software.

The flaw affects all supported versions of Microsoft Windows Server from 2012 through 2025, including both full and server‑core installations. Affected releases include Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025, and the 23H2 edition (Server Core).

The CVSS score of 7.8 classifies the issue as high severity. The EPSS score is currently unreported, and the vulnerability is not listed in CISA KEV, indicating no known exploitation in the wild yet. The attack vector is inferred to be local, as the description specifies that an authorized attacker can trigger the overflow. An attacker requires local host access and administrative privileges or the ability to run code with sufficient authority to trigger the buffer overflow. Despite the lack of known public exploits, the combination of high severity and local privilege escalation potential warrants prompt action.