CVE-2025-21418

Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Vendor/Product: Microsoft Windows. Added to CISA KEV 2025-02-11; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.