Microsoft Windows Host Process for Windows Tasks Privilege Escalation Vulnerability CVE-2025-60710
Summary
CISA added CVE-2025-60710 to the Known Exploited Vulnerabilities catalog on 2026-04-13. The vulnerability is an improper link resolution flaw in Host Process for Windows Tasks enabling local privilege escalation. CVSS 3.1 score is 7.8 (HIGH). Exploitation is active but not automatable per SSVC v2.0.3.
What changed
CISA added CVE-2025-60710 to the Known Exploited Vulnerabilities catalog, indicating active exploitation. The vulnerability is an improper link resolution before file access ('link following') flaw in Host Process for Windows Tasks that allows an authorized attacker to elevate privileges locally. It is rated HIGH, with a CVSS 3.1 score of 7.8.
Organizations running affected Microsoft Windows versions (10.0.26100 before 10.0.26100.7462 and 10.0.26200 before 10.0.26200.7462) should prioritize patching given the active exploitation status. While CISA KEV catalog entries are primarily binding for federal agencies under BOD 22-01, private sector organizations are strongly encouraged to remediate this vulnerability as Microsoft has released patches.
What to do next
- Identify affected Microsoft Windows versions (10.0.26100 before 10.0.26100.7462; 10.0.26200 before 10.0.26200.7462)
- Apply Microsoft security patches to remediate the vulnerability
- Monitor for indicators of compromise related to CVE-2025-60710
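For the first step, the following is an added example (not part of the CISA or Microsoft record) that triages an inventory export against the two affected ranges listed above. It assumes the inventory supplies the full four-part version string; the hostnames and sample builds are constructed.

```python
import re

# Affected ranges as stated on this page: build -> first fixed revision.
AFFECTED = {26100: 7462, 26200: 7462}
VERSION_RE = re.compile(r"^10\.0\.(\d+)\.(\d+)$")

def classify(version: str) -> str:
    """Return 'affected', 'patched', 'out-of-range' or 'unparseable'."""
    m = VERSION_RE.match(version.strip())
    if not m:
        # A missing revision cannot be decided either way; flag it for follow-up.
        return "unparseable"
    build, revision = int(m.group(1)), int(m.group(2))
    fixed = AFFECTED.get(build)
    if fixed is None:
        return "out-of-range"  # build is not one of the two listed in this record
    # Compare as integers: as strings, "999" would sort after "7462".
    return "affected" if revision < fixed else "patched"

def triage(inventory):
    """Group hostnames by status; undecidable entries are surfaced, not dropped."""
    result = {"affected": [], "patched": [], "out-of-range": [], "unparseable": []}
    for host, version in inventory:
        result[classify(version)].append(host)
    return result

# Constructed sample inventory (hostnames and builds are made up).
SAMPLE = [
    ("ws-001", "10.0.26100.7171"),
    ("ws-002", "10.0.26100.7462"),
    ("ws-003", "10.0.26200.6899"),
    ("srv-01", "10.0.20348.3807"),
    ("ws-004", "10.0.26100"),
    ("ws-005", " 10.0.26200.7623 "),
    ("ws-006", "10.0.26100.999"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:12} {', '.join(hosts) or '-'}")
```

Hosts reported as `unparseable` need their revision number collected before they can be cleared.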
Archived snapshot
Apr 14, 2026: GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
Required CVE Record Information
CNA: Microsoft Corporation
Description
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CWE 1 Total
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVSS 1 Total
| Score | Severity | Version | Vector String |
| --- | --- | --- | --- |
| 7.8 | HIGH | 3.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Product Status
Versions 1 Total
Default Status: unknown
affected
- affected from 10.0.26100.0 before 10.0.26100.7462
Versions 1 Total
Default Status: unknown
affected
- affected from 10.0.26200.0 before 10.0.26200.7462
Versions 1 Total
Default Status: unknown
affected
- affected from 10.0.26100.0 before 10.0.26100.7462
Versions 1 Total
Default Status: unknown
affected
- affected from 10.0.26100.0 before 10.0.26100.7462
References 1 Total
- msrc.microsoft.com: Host Process for Windows Tasks Elevation of Privilege Vulnerability (vendor-advisory, patch)
CVE Program
Updated: 2025-12-16
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks
- https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks
Authorized Data Publishers
CISA-ADP
Updated: 2026-04-14
SSVC and KEV, plus CVSS and CWE if not provided by the CNA.
SSVC 1 Total
| Exploitation | Automatable | Technical Impact | Version | Date Accessed |
| --- | --- | --- | --- | --- |
| active | no | total | 2.0.3 | 2025-11-07 |
KEV 1 Total
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710 (2026-04-13)
About this page
Source document text, dates, docket IDs, and authority are extracted directly from CISA.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.