CVE-2025-60710

Analyzed

Published: 11 Nov 2025, 17:59

Last modified:14 Apr 2026, 03:55

Vulnerability Summary

Overall Risk (default)

medium

36/100

CVSS Score

7.8 HIGH

v3.1 (cve.org)

EPSS Score

22.9% HIGH

23% probability +22.66%

KEV

Listed

CISA

1 listing

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Nov 2025, 17:59

Published

Vulnerability first disclosed

13 Apr 2026, 00:00

Added to CISA KEV

Microsoft Windows Link Following Vulnerability

14 Apr 2026, 03:55

Last Modified

Vulnerability information updated

27 Apr 2026, 00:00

CISA Remediation Due

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 22.90%• Percentile: 96%

Techniques & Countermeasures

CWE-59•Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Affected Systems

microsoft•windows_11_24h2
< 10.0.26100.7392
microsoft•windows_11_25h2
< 10.0.26200.7092 | < 10.0.26200.7392
microsoft•windows 11 version 24h2
≥ 10.0.26100.0, < 10.0.26100.7462
microsoft•windows 11 version 25h2
≥ 10.0.26200.0, < 10.0.26200.7462
microsoft•windows_server_2025
≥ 10.0.26100.0, < 10.0.26100.7462 | < 10.0.26100.7392
microsoft•windows server 2025 (server core installation)
≥ 10.0.26100.0, < 10.0.26100.7462