High severity7.8CISA KEVNVD Advisory· Published Nov 11, 2025· Updated Apr 14, 2026
CVE-2025-60710
CVE-2025-60710
Description
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*Range: <10.0.26100.7392
Patches
Vulnerability mechanics
References
4- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710nvdVendor Advisory
- www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasksnvdThird Party Advisory
- www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasksnvdMitigationThird Party Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
1- 20th April – Threat Intelligence ReportCheck Point Research · Apr 20, 2026