CVE-2025-29824: Microsoft Windows Common Log File System (CLFS) Driver
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability. Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
- CISA KEV-listed (remediation due 2025-04-29)
- used in ransomware campaigns
- EPSS 0.8% (75.0% percentile)