CVE Catalog

CVE-2025-60419

MediumCVSS 6.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability was found in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) that allows a local authenticated attacker to send a crafted IOCTL request, causing a denial of service (DoS).

Risk Assessment

An attacker could crash the system or network services, disrupting organizational operations and potentially requiring manual reboot.

Recommendation

Immediately update the RtkIOAC60.sys driver to the latest version from the vendor and restrict local system access to trusted users only.

Original NVD description (English source)

An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) allowing local authenticated attackers to send a crafted IOCTL request to the driver to cause a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS