CVE-2025-21335

CVE-2025-21335 is an elevation of privilege vulnerability in the Windows Hyper-V NT Kernel Integration VSP component, stemming from a CWE-416 (Use After Free) flaw. Published on January 14, 2025, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity with significant impacts on confidentiality, integrity, and availability. The vulnerability affects Windows Hyper-V hosts where the VSP (Virtual Service Provider) integration service mishandles memory, allowing improper object reuse after deallocation.

A local attacker with low privileges on the Hyper-V host can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables elevation to higher privilege levels, potentially granting full system control, including kernel-level access, due to the high impact ratings across confidentiality, integrity, and availability.

Microsoft's Security Response Center (MSRC) provides an update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21335 detailing patches and remediation steps. The vulnerability is also referenced in the CISA Known Exploited Vulnerabilities catalog at https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21335, signaling active real-world exploitation and urging federal agencies to apply mitigations promptly.