Security researchers have publicly disclosed a proof-of-concept (PoC) exploit for CVE-2025-21333, a critical elevation-of-privilege vulnerability in Microsoft’s Hyper-V virtualization framework.
The vulnerability resides in the vkrnlintvsp.sys driver and enables local attackers to gain SYSTEM privileges through a sophisticated heap manipulation technique.
Microsoft rated this flaw as Important (7.8 CVSSv3) in its January 2025 advisory
https://gbhackers.com/poc-released-for- ... -v-system/