CVE-2025-60710

Published Nov 11, 2025

Last updated 3 months ago

CVSS high 7.8
Windows Tasks

Overview

Description
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Source
secure@microsoft.com
NVD status
Modified
Products
windows_11_25h2

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-59

Social media

Hype score
Not currently trending

  1. CVE-2025-60710 | Host Process for Windows Tasks Elevation of Privilege Vulnerability https://t.co/BVoUWbvc1w https://t.co/TCVwtQwDFr

    @rahsi_aaka

    12 Jan 2026

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability https://t.co/tLO0ale6R2 #SecQube #cybersecurity

    @SecQube

    15 Dec 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 2025-11-12 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― GitHub - Wh04m1001/CVE-2025-60710 https://t.co/e4rgSezGd3 https://t.co/gUpeJNQzxr

    @motikan2010

    13 Nov 2025

    184 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. GitHub - Wh04m1001/CVE-2025-60710 https://t.co/HDpcTJdyID

    @akaclandestine

    12 Nov 2025

    996 Impressions

    4 Retweets

    3 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. Yesterday microsoft published advisory for CVE-2025-60710 and this is PoC for that LPE https://t.co/fZ9QrNZLjy

    @filip_dragovic

    12 Nov 2025

    28993 Impressions

    78 Retweets

    268 Likes

    169 Bookmarks

    5 Replies

    1 Quote

  6. CVE-2025-60710 Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. https://t.co/fMa4YmcGRe

    @CVEnew

    11 Nov 2025

    178 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Microsoft Windows Improper Privilege Management VulnerabilityCVE-2026-21533
  2. Microsoft Windows Type Confusion VulnerabilityCVE-2026-21519
  3. Microsoft Windows NULL Pointer Dereference VulnerabilityCVE-2026-21525
  4. Microsoft Windows Shell Protection Mechanism Failure VulnerabilityCVE-2026-21510
  5. Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.CVE-2026-21508

References

Sources include official advisories and independent security research.