CVE-2025-61973

HIGH 8.8

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges.

CWE	CWE-284
Vendor	epic games
Product	epic games store
Published	Jan 15, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for epic games epic games store

Be the first to know when new high vulnerabilities affecting epic games epic games store are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Epic Games / Epic Games Store

14.6.2.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

talosintelligence.com: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2279 talosintelligence.com: https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2279

Credits

Discovered by KPC of Cisco Talos.