Windows Cloud Files Mini Filter Driver Flaw Actively Exploited for Privilege Escalation
Posted: Mon Nov 10, 2025 4:57 pm
A critical privilege escalation vulnerability has been discovered in Windows Cloud Files Mini Filter Driver, designated as CVE-2025-55680.
The flaw leverages a time-of-check to time-of-use (TOCTOU) vulnerability to bypass file write restrictions, enabling local attackers to achieve unauthorized system-level access.
Technical Vulnerability Details
The vulnerability originates from a previous 2020 Project Zero disclosure that attempted to prevent symbolic link attacks by rejecting paths containing backslashes and colons.
https://cyberpress.org/windows-cloud-fi ... iver-flaw/
The flaw leverages a time-of-check to time-of-use (TOCTOU) vulnerability to bypass file write restrictions, enabling local attackers to achieve unauthorized system-level access.
Technical Vulnerability Details
The vulnerability originates from a previous 2020 Project Zero disclosure that attempted to prevent symbolic link attacks by rejecting paths containing backslashes and colons.
https://cyberpress.org/windows-cloud-fi ... iver-flaw/