CVE-2025-59277

High

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges…

secure@microsoft.com·CWE-1287·Published 2025-10-14

CVSS

7.8

EPSS

0.00

KEV

Exploits

cve.orgen

141 chars

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

NVDen

141 chars

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H