No cwe for this issue in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. How could an attacker exploit this vulnerability? An attacker could exploit this issue by triggering a specific timing condition during a memory permission change, causing a memory write to be applied using outdated permissions. Under these conditions, a write from a lower‑privileged context could succeed even after access should have been restricted.