CVE-2025-60419
MediumCVSS 6.2Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability was found in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) that allows a local authenticated attacker to send a crafted IOCTL request, causing a denial of service (DoS).
Risk Assessment
An attacker could crash the system or network services, disrupting organizational operations and potentially requiring manual reboot.
Recommendation
Immediately update the RtkIOAC60.sys driver to the latest version from the vendor and restrict local system access to trusted users only.
Original NVD description (English source)
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) allowing local authenticated attackers to send a crafted IOCTL request to the driver to cause a denial of service.

