CVE-2025-60719
Title: Untrusted Pointer Dereference in Windows AFD.sys
Other
Proof Of Concept
PoC Available for CVE-2025-60719
CWE Category
CWE-822
Published Date
Nov 11, 2025
Modified Date
Nov 17, 2025
Exploit Status
Available
Score
7.0
CVSS v3.1
Exploit Probability (EPSS)
1.68%
Vulnerability Summary
CVE-2025-60719: Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Impacted Vendors
Reference Links
CVSS v3.1
Source Entity
[email protected]
Severity
HIGH
7.0
Attack Vector
LOCAL
Complexity
HIGH
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2025-60719 Exploits & PoCs (Proof Of Concept)
GitHub
https://github.com/akamai/CVE-2025-60719-AFD.SYS
MODIFIED
Vulnerability data or affected products updated.
MODIFIED
Vulnerability data updated via NVD.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
LOCAL
Complexity
HIGH
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Stack
No specific products linked.