KEV · Actively exploited
CVE-2025-62215
HIGH 7.0
KEV
Windows Kernel Elevation of Privilege Vulnerability
EPSS
2.37%
above median
percentile 85.3%
CISA Known Exploited Vulnerability
- Added to KEV
- 2025-11-12
- Remediation deadline
- 2025-12-03
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2025 (Server Core installation) 10.0.26100.7171 Windows Server 2025 10.0.26100.7171 Windows Server 2022 (Server Core installation) 10.0.20348.4405 Windows Server 2022 10.0.25398.1965 Windows Server 2019 (Server Core installation) 10.0.17763.8027 Windows Server 2019 10.0.17763.8027 Windows 11 25H2 · 2025-H2 10.0.26200.7171 Windows 11 24H2 · 2024-H2 10.0.26100.7171 Windows 11 23H2 · 2023-H2 10.0.22631.6199 Windows 10 22H2 · 2022-H2 10.0.19045.6575 Windows 10 21H2 · 2021-H2 10.0.19044.6575 Windows 10 1809 · 2018-09 10.0.17763.8027