Cyber Posture

CVE-2025-21311

Critical

Published: 14 January 2025

Modified: 24 January 2025
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0328 (87.2th percentile)
Risk Priority: 22 (60% EPSS · 20% KEV · 20% CVSS)

Description

Windows NTLM V1 Elevation of Privilege Vulnerability

Security Summary

CVE-2025-21311 is a Windows NTLM V1 Elevation of Privilege Vulnerability, published on 2025-01-14. It affects the NTLM V1 authentication component in Windows systems. The record associates it with CWE-303 (Incorrect Implementation of Authentication Algorithm); NVD supplies no additional CWE details (NVD-CWE-noinfo).

The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical. According to the vector, an attacker needs only network access: attack complexity is low, no privileges are required, and no user interaction is needed. Exploitation enables elevation of privilege, with high impact on confidentiality, integrity, and availability.

Microsoft's Security Response Center provides vulnerability update guidance, including patches and mitigations, at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21311.

Details

CWE(s)
CWE-303
NVD-CWE-noinfo

Affected Products

microsoft windows 11 24h2: ≤ 10.0.26100.2894
microsoft windows server 2022 23h2: ≤ 10.0.25398.1369
microsoft windows server 2025: ≤ 10.0.26100.2894
