CVE-2025-68947: NSecsoft 'NSecKrnl' is a Windows driver that allows a

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver.

• EPSS 0.0% (5.8% percentile)
• CVSS 5.7 medium

Related briefings

• Reynolds Ransomware Bundles BYOVD Defense Evasion Directly Into Payload — A Rare and Dangerous Evolution 2026-02-05

Browse the CVE database

Read the full analysis on IntelFusions