Windows Cloud Files Mini Filter Driver Vulnerability

HIGH (7.8)
cwe-416

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 4.17% chance of exploitation (percentile: 88%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: CISA KEV

How we test →

What is it?

The Windows Cloud Files Mini Filter Driver is a component of the Windows operating system, responsible for managing cloud storage. This vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data and system configuration.

Am I affected?

You're affected if you use Use after free. Specific version info not stated in the advisory.

How to fix

Check the vendor advisory for patch details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62221 As immediate mitigation: restrict network access to affected systems if possible.

References