- Description
- Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-367
- Hype score
- Not currently trending
CVE 2025 55680 PoC:No Public PoC? Watch AI Build One for CVE-2025-55680 ... https://t.co/buFct2D3bZ via @YouTube
@penligent
1 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-55680: LPE vulnerability in the Windows Cloud Files minifilter driver (cldflt.sys) via a TOCTOU race condition https://t.co/BTvAzbAIk8 This vulnerability abuses the fact that, when handling placeholder creation requests, the driver checks the user buffer ht
@hackyboiz
22 Nov 2025
3376 Impressions
13 Retweets
38 Likes
12 Bookmarks
0 Replies
0 Quotes
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680 https://t.co/hGyKi50YSb
@_r_netsec
15 Nov 2025
533 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad en productos AMD ❗CVE-2025-55680 ➡️Más info: https://t.co/ODtjgmspwt https://t.co/f4nXbjrPln
@CERTpy
14 Nov 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad en productos Microsoft ❗CVE-2025-55680 ➡️Más info: https://t.co/ABYZ2euOTS https://t.co/AD3UUqEoFO
@CERTpy
12 Nov 2025
111 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A High-severity LPE flaw (CVE-2025-55680) in the Windows Cloud Files Driver allows local users to gain SYSTEM privileges by exploiting a TOCTOU race condition. Patch immediately. #WindowsLPE #TOCTOU #Cybersecurity #PatchBypass https://t.co/Sf8VExlcl7
@the_yellow_fall
10 Nov 2025
475 Impressions
3 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes
Windows Cloud Files Minifilter の脆弱性 CVE-2025-55680:権限昇格などの恐れ https://t.co/ZgQDwLwpq7 Cloud Files Minifilter (cldflt.sys) がユーザー空間バッファをカーネルにマップしてから、禁止文字チェックとファイル作成を呼び
@iototsecnews
10 Nov 2025
89 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC Exploit Released for CVE-2025-55680 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw https://t.co/CcUyVJcwZh
@Karma_X_Inc
10 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680 https://t.co/hGyKi50YSb
@_r_netsec
9 Nov 2025
315 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680 https://t.co/hGyKi50YSb
@_r_netsec
8 Nov 2025
646 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680 https://t.co/YWSf1HEIJW https://t.co/Yy2zHnKM54
@secharvesterx
5 Nov 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680 https://t.co/hGyKi50YSb
@_r_netsec
5 Nov 2025
1951 Impressions
2 Retweets
8 Likes
8 Bookmarks
0 Replies
0 Quotes
Windowsのクラウド同期機能を支えるドライバに重大な競合状態の脆弱性が存在するとして、Microsoftが2025年10月に修正を行った。攻撃者はこの欠陥を突き、任意の場所にファイルを作成して権限昇格を達成できる
@yousukezan
30 Oct 2025
1405 Impressions
1 Retweet
16 Likes
2 Bookmarks
0 Replies
0 Quotes
On the note of CVE-2025-55680, here's CVE-2025-50170 a logic bug I reported a while back in the same function. Allows me to corrupt any libraries(e.g NTDLL.DLL) on the system, even those already loaded in another process's memory. https://t.co/q0osjkrmij
@minacrissDev_
21 Oct 2025
833 Impressions
1 Retweet
3 Likes
2 Bookmarks
0 Replies
0 Quotes
On the note of CVE-2025-55680, here's CVE-2025-50170 a logic bug I reported a while back in the same function. Allows me to corrupt any libraries(e.g NTDLL.DLL) on the system, even those already loaded in another process's memory. https://t.co/HAflYBhnrO
@cplearns2h4ck
21 Oct 2025
6506 Impressions
21 Retweets
132 Likes
40 Bookmarks
1 Reply
0 Quotes
A zero day I found last year has been patched on October (CVE-2025-55680) :(, it was a nice and easy patch bypass. Here the write-up https://t.co/70ZglevS15
@s1ckb017
21 Oct 2025
10998 Impressions
45 Retweets
140 Likes
68 Bookmarks
1 Reply
1 Quote
Critical Windows Minifilter Flaw Lets Hackers Escalate Privileges A critical vulnerability in Microsoft Windows Cloud Minifilter (CVE-2025-55680) was patched, fixing a race condition enabling privilege escalation and arbitrary file creation. Discovered by Exodus Intelligence in
@Secwiserapp
21 Oct 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55680 cldflt.sys EoP exploited in TyphoonPWN 2025 A direct bypass of @tiraniddo 's bug from 2020 (https://t.co/rufFO8D4dj) unpatched for 5 years https://t.co/DUT4IalZiS
@cplearns2h4ck
16 Oct 2025
7805 Impressions
19 Retweets
160 Likes
58 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B51B700D-B45F-4A8E-9F78-67A1282B3BEA",
"versionEndExcluding": "10.0.17763.7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1485A427-10FF-4C39-9911-4C6F1820BE7F",
"versionEndExcluding": "10.0.19044.6456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAACAA-3FE8-4740-8CF2-6BF3D069C47F",
"versionEndExcluding": "10.0.19045.6456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F387FA2-66C8-4B70-A537-65806271F16A",
"versionEndExcluding": "10.0.22621.6060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FEBF91-5010-4C84-B93A-6EFA4838185A",
"versionEndExcluding": "10.0.22631.6060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41E9F7AC-8E6D-43A0-A157-48A5E0B5BD0D",
"versionEndExcluding": "10.0.26100.6899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B77A066-4F79-4B1F-AECF-58DB4C651EA5",
"versionEndExcluding": "10.0.26200.6899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20810926-AEC9-4C09-9C52-B4B8FADECF3A",
"versionEndExcluding": "10.0.17763.7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C1EA69-6BB8-4E59-8659-43581FDB48B7",
"versionEndExcluding": "10.0.20348.4294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370C12D6-90EF-44BE-8070-AA0080C12600",
"versionEndExcluding": "10.0.25398.1913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C1771B-635B-41E3-84AF-8822467A1869",
"versionEndExcluding": "10.0.26100.6899",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]