CVE-2025-59254
dwmcore.dll — memory handling flaw allows elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | dwmcore.dll (Desktop Window Manager Core Library) |
| Vulnerability Class | Elevation of Privilege (Memory Handling) |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | October 14, 2025 |
Root Cause
A memory handling flaw in the DWM Core Library allows corruption during composition operations. DWM runs as SYSTEM, so corruption in this process context yields full privileges.
Exploitation
The attacker triggers the memory handling flaw through crafted composition operations. The corruption gives code execution in the SYSTEM-context DWM process.
Exploitation Primitive
Crafted composition operation → memory handling flaw
→ corruption → code execution in DWM (SYSTEM)