CVE-2025-21418: Microsoft Windows Ancillary Function Driver for WinSock

Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability. Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.

• CISA KEV-listed (remediation due 2025-03-04)
• EPSS 10.3% (93.3% percentile)

Browse the CVE database

Read the full analysis on IntelFusions