Vulnerabilites related to Microsoft - Windows Server 2025
cve-2024-49076
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49076 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6659 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49076", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-08T04:56:06.414Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2966", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5247", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4602", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5247", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1308", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2966", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5247", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4602", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5247", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1308", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:29.915Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49076" } ], "title": "Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49076", "datePublished": "2024-12-10T17:49:37.702Z", "dateReserved": "2024-10-11T20:57:49.196Z", "dateUpdated": "2025-01-21T19:38:29.915Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21324
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Digital Media Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21324 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21324", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-14T21:36:36.234228Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-14T21:36:44.655Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Digital Media Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:55.693Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Digital Media Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21324" } ], "title": "Windows Digital Media Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21324", "datePublished": "2025-01-14T18:04:39.028Z", "dateReserved": "2024-12-11T00:29:48.348Z", "dateUpdated": "2025-02-14T23:40:55.693Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21341
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Digital Media Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21341 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21341", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-15T19:17:04.339268Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-15T19:17:15.562Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Digital Media Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:19.686Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Digital Media Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21341" } ], "title": "Windows Digital Media Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21341", "datePublished": "2025-01-14T18:04:02.652Z", "dateReserved": "2024-12-11T00:29:48.352Z", "dateUpdated": "2025-02-14T23:40:19.686Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21299
Vulnerability from cvelistv5
Published
2025-01-14 18:03
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Kerberos Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21299 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21299", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-15T19:37:22.429233Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-15T19:37:36.512Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Kerberos Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-922", "description": "CWE-922: Insecure Storage of Sensitive Information", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:09.538Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kerberos Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21299" } ], "title": "Windows Kerberos Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21299", "datePublished": "2025-01-14T18:03:51.556Z", "dateReserved": "2024-12-10T23:54:12.949Z", "dateUpdated": "2025-02-14T23:40:09.538Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21347
Vulnerability from cvelistv5
Published
2025-02-11 17:58
Modified
2025-02-14 23:15
Severity ?
EPSS score ?
Summary
Windows Deployment Services Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21347 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6893 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21347", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T19:15:05.964801Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-11T19:26:47.404Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3207", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5487", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4890", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5487", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1425", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20915", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3207", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5487", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4890", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5487", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1425", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20915", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-02-11T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Deployment Services Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:15:51.863Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Deployment Services Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21347" } ], "title": "Windows Deployment Services Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21347", "datePublished": "2025-02-11T17:58:31.262Z", "dateReserved": "2024-12-11T00:29:48.353Z", "dateUpdated": "2025-02-14T23:15:51.863Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21179
Vulnerability from cvelistv5
Published
2025-02-11 17:58
Modified
2025-02-14 23:16
Severity ?
EPSS score ?
Summary
DHCP Client Service Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21179 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2025 (Server Core installation) |
Version: 10.0.26100.0 < 10.0.26100.3194 |
|||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21179", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T18:54:44.486307Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T15:38:40.962Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-02-11T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "DHCP Client Service Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:16:00.842Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "DHCP Client Service Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21179" } ], "title": "DHCP Client Service Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21179", "datePublished": "2025-02-11T17:58:40.108Z", "dateReserved": "2024-12-05T21:43:30.761Z", "dateUpdated": "2025-02-14T23:16:00.842Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21193
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Active Directory Federation Server Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21193 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2019 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21193", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-15T16:52:32.273519Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-15T16:52:40.312Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Active Directory Federation Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:35.633Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Active Directory Federation Server Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21193" } ], "title": "Active Directory Federation Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21193", "datePublished": "2025-01-14T18:04:18.413Z", "dateReserved": "2024-12-05T21:43:30.766Z", "dateUpdated": "2025-02-14T23:40:35.633Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21230
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21230 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21230", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-15T15:26:32.395223Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-15T15:26:42.145Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23070", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27520", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23070", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27520", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:43.054Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21230" } ], "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21230", "datePublished": "2025-01-14T18:04:26.486Z", "dateReserved": "2024-12-10T23:54:12.920Z", "dateUpdated": "2025-02-14T23:40:43.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43452
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2025-01-30 00:09
Severity ?
EPSS score ?
Summary
Windows Registry Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43452 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6532 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43452", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T16:14:13.060841Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-09T16:48:21.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2849", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5131", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4460", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5131", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1251", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2849", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5131", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4460", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5131", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1251", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Registry Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-30T00:09:51.721Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Registry Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43452" } ], "title": "Windows Registry Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43452", "datePublished": "2024-11-12T17:53:49.522Z", "dateReserved": "2024-08-14T01:08:33.515Z", "dateUpdated": "2025-01-30T00:09:51.721Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43623
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2025-01-30 00:09
Severity ?
EPSS score ?
Summary
Windows NT OS Kernel Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43623 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6532 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43623", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-09T17:06:35.699340Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-09T17:06:49.555Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2849", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5131", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4460", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5131", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1251", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20826", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27415", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27415", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25165", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25165", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22267", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22267", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2849", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5131", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4460", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5131", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1251", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20826", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27415", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27415", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25165", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25165", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22267", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22267", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows NT OS Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-30T00:09:39.019Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows NT OS Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43623" } ], "title": "Windows NT OS Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43623", "datePublished": "2024-11-12T17:53:37.855Z", "dateReserved": "2024-08-14T01:08:33.554Z", "dateUpdated": "2025-01-30T00:09:39.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21323
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Kernel Memory Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21323 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2022 |
Version: 10.0.20348.0 < 10.0.20348.3091 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21323", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-14T21:46:48.323807Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-14T21:46:57.497Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Memory Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:54.450Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Memory Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21323" } ], "title": "Windows Kernel Memory Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21323", "datePublished": "2025-01-14T18:04:37.888Z", "dateReserved": "2024-12-11T00:29:48.348Z", "dateUpdated": "2025-02-14T23:40:54.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21308
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Themes Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21308 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21308", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-14T21:48:23.312307Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-14T21:48:53.983Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Themes Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:40:52.300Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Themes Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21308" } ], "title": "Windows Themes Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21308", "datePublished": "2025-01-14T18:04:35.524Z", "dateReserved": "2024-12-10T23:54:12.952Z", "dateUpdated": "2025-02-14T23:40:52.300Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21407
Vulnerability from cvelistv5
Published
2025-02-11 17:58
Modified
2025-02-14 23:15
Severity ?
EPSS score ?
Summary
Windows Telephony Service Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21407 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6893 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21407", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T19:16:33.637453Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-11T19:27:48.066Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3207", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5487", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4890", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5487", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1425", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20915", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27566", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27566", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3207", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5487", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4890", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5487", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1425", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20915", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27566", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27566", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-02-11T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Telephony Service Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:15:48.391Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Telephony Service Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21407" } ], "title": "Windows Telephony Service Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21407", "datePublished": "2025-02-11T17:58:27.645Z", "dateReserved": "2024-12-11T00:29:48.376Z", "dateUpdated": "2025-02-14T23:15:48.391Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21374
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:41
Severity ?
EPSS score ?
Summary
Windows CSC Service Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21374 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21374", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-14T19:49:09.775814Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-14T19:49:24.001Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5371", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4751", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5371", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4751", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20890", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25273", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22371", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5371", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4751", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5371", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4751", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1369", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20890", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7699", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25273", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22371", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-01-14T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows CSC Service Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:41:08.924Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows CSC Service Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21374" } ], "title": "Windows CSC Service Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21374", "datePublished": "2025-01-14T18:04:45.421Z", "dateReserved": "2024-12-11T00:29:48.362Z", "dateUpdated": "2025-02-14T23:41:08.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21376
Vulnerability from cvelistv5
Published
2025-02-11 17:58
Modified
2025-02-14 23:15
Severity ?
EPSS score ?
Summary
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21376 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6893 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21376", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T19:17:07.828017Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-11T19:29:53.147Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6893", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3207", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5487", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4890", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5487", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4890", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1425", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20915", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7785", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23117", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27566", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27566", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25317", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22417", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6893", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3207", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5487", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4890", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5487", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4890", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1425", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20915", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7785", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23117", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27566", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27566", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25317", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22417", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-02-11T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:15:34.679Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21376" } ], "title": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21376", "datePublished": "2025-02-11T17:58:13.609Z", "dateReserved": "2024-12-11T00:29:48.363Z", "dateUpdated": "2025-02-14T23:15:34.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49110
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49110 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6659 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49110", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-13T20:52:06.657049Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-13T21:03:34.653Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5247", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4602", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5247", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1308", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5247", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4602", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5247", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1308", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:36.263Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49110" } ], "title": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49110", "datePublished": "2024-12-10T17:49:44.052Z", "dateReserved": "2024-10-11T20:57:49.206Z", "dateUpdated": "2025-01-21T19:38:36.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21183
Vulnerability from cvelistv5
Published
2025-02-11 17:58
Modified
2025-02-14 23:15
Severity ?
EPSS score ?
Summary
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21183 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2025 (Server Core installation) |
Version: 10.0.26100.0 < 10.0.26100.3194 |
|||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21183", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-11T19:16:54.610270Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-11T19:29:06.088Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.3194", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.3194", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2025-02-11T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "CWE-415: Double Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-14T23:15:37.310Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21183" } ], "title": "Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2025-21183", "datePublished": "2025-02-11T17:58:16.597Z", "dateReserved": "2024-12-05T21:43:30.762Z", "dateUpdated": "2025-02-14T23:15:37.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49093
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49093 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2025 |
Version: 10.0.26100.0 < 10.0.26100.2605 |
|||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49093", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-13T20:54:41.144012Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-13T21:11:00.402Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-681", "description": "CWE-681: Incorrect Conversion between Numeric Types", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:11.153Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49093" } ], "title": "Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49093", "datePublished": "2024-12-10T17:49:13.358Z", "dateReserved": "2024-10-11T20:57:49.201Z", "dateUpdated": "2025-01-21T19:38:11.153Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43627
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2025-01-30 00:09
Severity ?
EPSS score ?
Summary
Windows Telephony Service Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43627 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6532 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43627", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T16:24:33.260220Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-09T17:04:59.014Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6532", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2849", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5131", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4460", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5131", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4460", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1251", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20826", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7515", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22966", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27415", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27415", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25165", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25165", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22267", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22267", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2314", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6532", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2849", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5131", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4460", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5131", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4460", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1251", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20826", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7515", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.22966", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27415", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27415", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25165", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25165", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22267", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22267", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2314", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00.000Z", "descriptions": [ { "lang": "en-US", "value": "Windows Telephony Service Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-30T00:09:41.210Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Telephony Service Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43627" } ], "title": "Windows Telephony Service Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43627", "datePublished": "2024-11-12T17:53:40.425Z", "dateReserved": "2024-08-14T01:08:33.554Z", "dateUpdated": "2025-01-30T00:09:41.210Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49083
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49083 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6659 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49083", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-13T20:52:20.833429Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-13T21:02:12.766Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5247", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4602", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5247", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1308", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5247", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4602", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5247", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1308", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:34.002Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49083" } ], "title": "Windows Mobile Broadband Driver Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49083", "datePublished": "2024-12-10T17:49:41.403Z", "dateReserved": "2024-10-11T20:57:49.197Z", "dateUpdated": "2025-01-21T19:38:34.002Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49097
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49097 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6659 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49097", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-13T20:54:35.813173Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-13T21:11:41.719Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2966", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5247", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4602", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5247", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1308", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2966", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5247", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4602", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5247", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1308", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-591", "description": "CWE-591: Sensitive Data Storage in Improperly Locked Memory", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:12.803Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49097" } ], "title": "Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49097", "datePublished": "2024-12-10T17:49:15.025Z", "dateReserved": "2024-10-11T20:57:49.203Z", "dateUpdated": "2025-01-21T19:38:12.803Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49118
Vulnerability from cvelistv5
Published
2024-12-10 17:49
Modified
2025-01-21 19:38
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49118 | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6659 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49118", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-13T20:51:40.705689Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-13T21:05:49.921Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6659", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.2966", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.5247", "status": "affected", "version": "10.0.19043.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.4602", "status": "affected", "version": "10.0.22621.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.5247", "status": "affected", "version": "10.0.19045.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems" ], "product": "Windows 11 version 22H3", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows 11 Version 23H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22631.4602", "status": "affected", "version": "10.0.22631.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1308", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 Version 24H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2605", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20857", "status": "affected", "version": "10.0.10240.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7606", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7606", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7606", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23016", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23016", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.23016", "status": "affected", "version": "6.0.6003.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27467", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.27467", "status": "affected", "version": "6.1.7601.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25222", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.25222", "status": "affected", "version": "6.2.9200.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22318", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.22318", "status": "affected", "version": "6.3.9600.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6659", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.2966", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.19044.5247", "versionStartIncluding": "10.0.19043.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22621.4602", "versionStartIncluding": "10.0.22621.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.19045.5247", "versionStartIncluding": "10.0.19045.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.22631.4602", "versionStartIncluding": "10.0.22631.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.25398.1308", "versionStartIncluding": "10.0.25398.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2605", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.10240.20857", "versionStartIncluding": "10.0.10240.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionEndExcluding": "10.0.14393.7606", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7606", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.14393.7606", "versionStartIncluding": "10.0.14393.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23016", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.0.6003.23016", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", "versionEndExcluding": "6.0.6003.23016", "versionStartIncluding": "6.0.6003.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27467", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.1.7601.27467", "versionStartIncluding": "6.1.7601.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25222", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.2.9200.25222", "versionStartIncluding": "6.2.9200.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22318", "versionStartIncluding": "6.3.9600.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionEndExcluding": "6.3.9600.22318", "versionStartIncluding": "6.3.9600.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-12-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-21T19:38:39.435Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49118" } ], "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49118", "datePublished": "2024-12-10T17:49:46.808Z", "dateReserved": "2024-10-11T20:57:49.207Z", "dateUpdated": "2025-01-21T19:38:39.435Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2025-21225
Vulnerability from cvelistv5
Published
2025-01-14 18:04
Modified
2025-02-14 23:40
Severity ?
EPSS score ?
Summary
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21225 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2019 |
Version: 10.0.17763.0 < 10.0.17763.6775 |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21225", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-15T21:20:55.921821Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-15T21:53:25.730Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.6775", "status": "affected", "version": "10.0.17763.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.3091", "status": "affected", "version": "10.0.20348.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.25398.1369", "status": "affected", "version": "10.0.25398.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2025", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.26100.2894", "status": "affected", "version": "10.0.26100.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.7699", "status": "affected", "version": "10.0.14393.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.17763.6775", "versionStartIncluding": "10.0.17763.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.20348.3091", "versionStartIncluding": "10.0.20348.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.26100.2894", "versionStartIncluding": "10.0.26100.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microso