Main Vulnerability Database Exploits ID:12457 - Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Windows and Windows Server - CVE-2025-29969

ID:12457 - Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Windows and Windows Server - CVE-2025-29969

Published: February 27, 2026

Vulnerability identifier: #VU109097

Vulnerability risk: Medium

CVE-ID: CVE-2025-29969

CWE-ID: CWE-367

Exploitation vector: Remote access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/SafeBreach-Labs/EventLogin-CVE-2025-29969

Vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition in MS-EVEN RPC. A remote user can win a race condition and execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

ID:12457 - Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Windows and Windows Server - CVE-2025-29969

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human