CVE-2025-60710
Host Process for Windows Tasks Elevation of Privilege Vulnerability
In short
A flaw in Host Process for Windows Tasks allows an authorized user on the system to gain higher privileges by exploiting how the system resolves file links. An attacker with local access can trick the system into accessing files they shouldn't be able to reach, gaining admin-level permissions.
Technical detail
A CWE-59 link-following vulnerability in Host Process for Windows Tasks enables local privilege escalation when the process improperly resolves symbolic or hard links before file access. An authenticated local attacker can exploit this to execute arbitrary code with elevated privileges; exploitation requires prior local access to the system.
Summary generated and translated by AI from the official description.
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Windows 11 Version 24H2
Microsoft · Windows 11 Version 25H2
Microsoft · Windows Server 2025
Microsoft · Windows Server 2025 (Server Core installation)
public PoCs found — 2
github.com/redpack-kr/CVE-2025-60710 ★ 24
github.com/Wh04m1001/CVE-2025-60710 ★ 5
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710
https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks
https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks