AI description
CVE-2025-59512 describes an improper access control vulnerability found within the Customer Experience Improvement Program (CEIP). This flaw enables an authorized attacker to locally elevate their privileges. The vulnerability impacts multiple versions of Windows, including Windows 10, Windows 11, and various Windows Server editions.
- Description
- Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-284
- Hype score
- Not currently trending
Micropatches released for Arbitrary Registry Key Delete As Local System With Consolidator Scheduled Task (CVE-2025-59512) https://t.co/uFCPPU1Mfk https://t.co/YmiGx23B38
@0patch
30 Mar 2026
614 Impressions
4 Retweets
5 Likes
1 Bookmark
1 Reply
0 Quotes
CVE-2025-59512 Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. https://t.co/yBRylzm9bt
@CVEnew
11 Nov 2025
197 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "7BB42F69-3A99-4057-8C66-870B6ABFCED2",
"versionEndExcluding": "10.0.14393.8594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "19D83039-82E6-420D-95EA-3D3B1BA37ED8",
"versionEndExcluding": "10.0.14393.8594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "16F25469-D606-4A71-9A94-C10E1D08B231",
"versionEndExcluding": "10.0.17763.8027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "1A6A1513-48D5-4D4D-97F1-BFDAE4DC9396",
"versionEndExcluding": "10.0.17763.8027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5C0945-7EA1-4874-98E7-4234D85E0C0D",
"versionEndExcluding": "10.0.19044.6575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655C5458-E6FB-408D-BCB4-0D28F8283D55",
"versionEndExcluding": "10.0.19045.6575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0752A377-F96A-4B2F-B542-A9A9665AB913",
"versionEndExcluding": "10.0.22631.6199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4345F25E-DF90-4CB2-B310-F82E08502815",
"versionEndExcluding": "10.0.26100.7092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A547AA3-FC6B-46D9-8D22-995C3CA33140",
"versionEndExcluding": "10.0.26200.7092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD73B71D-FB6A-4B0E-80F5-9F6A06FC93A3",
"versionEndExcluding": "10.0.14393.8594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970E52EF-A858-4132-9D8C-4B31E169002C",
"versionEndExcluding": "10.0.17763.8027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5791ADD5-7D67-4659-9DA2-09337A1D82C1",
"versionEndExcluding": "10.0.20348.4346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "256174B8-134D-44F5-9497-408AC51DE5DB",
"versionEndExcluding": "10.0.25398.1965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69424DAF-E9EA-4B50-80EC-5BAA97DEB772",
"versionEndExcluding": "10.0.26100.7092",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]