CVE-2025-24983

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 8 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

1.67%

probability

This CVE has a 1.67% probability of being exploited in the next 30 days.

0% Top 82.4th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-416 · Use After Free CWE-664 · Improper Control of a Resource Through its Lifetime CWE-666 · Operation on Resource in Wrong Phase of Lifetime CWE-672 · Operation on a Resource after Expiration or Release CWE-825 · Expired Pointer Dereference

Google Project Zero

Patched

March 11, 2025

Reported by

Filip Jurčacko with ESET

Root Cause Analysis

???

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

TheHackerNews

Microsoft and Adobe Patch Tuesday, March 2025 Security Update Review

Qualys Mar 11, 2025

Microsoft: Windows CLFS zero-day exploited by ransomware gang

BleepingComputer Apr 08, 2025

Microsoft patches Windows Kernel zero-day exploited since 2023

BleepingComputer Mar 12, 2025

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws

BleepingComputer Mar 11, 2025

EncryptHub linked to MMC zero-day attacks on Windows systems

BleepingComputer Mar 25, 2025

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

TheHackerNews

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

TheHackerNews

Signal Intelligence

Confidenceⓘ

88%

EPSS 1.67%

Mentions 8

Last Seen Apr 08, 2025

CNA Information

Analyst Note

This CVE is confirmed as a legitimate zero-day vulnerability in Windows Kernel subsystem with active exploitation documented by ransomware gangs since 2023, strong validation from Google Project Zero inclusion, and official Microsoft patching in March 2025. The high CVSS score (7.0) combined with confirmed real-world exploitation and multiple high-signal media reports provide robust evidence supporting the confirmed status.