CVE-2025-61973

HIGH EPSS 4.0%

Published Jan 15, 20265mo ago · Modified Jun 17, 20261w ago

8.8 CVSS 3.1

High

Published Jan 15, 2026 5mo ago

Last Modified Jun 17, 2026 1w ago

Description

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges.

CVSS Details

Base Score

8.8

Exploitability

2.0

Impact

6.0

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Changed

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

4.0% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-284

References 2

talosintelligence.com https://talosintelligence.com/vulnerability_reports/TALOS-2025-2279
talosintelligence.com https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2279

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.