CVE-2025-62217
afd.sys — elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | afd.sys |
| Vulnerability Class | Elevation of Privilege |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | November 11, 2025 |
Root Cause
A vulnerability in the AFD WinSock driver allows a local attacker to escalate privileges to SYSTEM. The exact root cause has not been publicly detailed beyond Microsoft's advisory.
Exploitation
The attacker sends crafted WinSock operations to reach SYSTEM.
Exploitation Primitive
Crafted WinSock operation → kernel vulnerability → SYSTEM