Cyber Posture

CVE-2025-21376

High

Published: 11 February 2025

Published
11 February 2025
Modified
26 February 2025
KEV Added
Patch
CVSS Score 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0144 80.8th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Description

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Security Summary

CVE-2025-21376 is a Remote Code Execution vulnerability affecting the Windows Lightweight Directory Access Protocol (LDAP) component, published on 2025-02-11T18:15:36.167. It carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) and is linked to CWEs including CWE-122 (heap-based buffer overflow), CWE-191 (integer underflow or overflow), CWE-362 (race condition), and NVD-CWE-noinfo.

An unauthenticated attacker can exploit this vulnerability over the network, though it requires high attack complexity and no user interaction. Successful exploitation enables remote code execution with high impacts on confidentiality, integrity, and availability.

The Microsoft Security Response Center provides an update guide with details on patches and mitigation at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21376.

Details

CWE(s)
CWE-122CWE-191CWE-362NVD-CWE-noinfo

Affected Products

microsoft
windows 10 1507
≤ 10.0.10240.20915 · ≤ 10.0.10240.20915
microsoft
windows 10 1607
≤ 10.0.14393.7785 · ≤ 10.0.14393.7785
microsoft
windows 10 1809
≤ 10.0.17763.6893 · ≤ 10.0.17763.6893
microsoft
windows 10 21h2
≤ 10.0.19044.5487
microsoft
windows 10 22h2
≤ 10.0.19045.5487
microsoft
windows 11 22h2
≤ 10.0.22621.4890
microsoft
windows 11 23h2
≤ 10.0.22631.4890
microsoft
windows 11 24h2
≤ 10.0.26100.3194
microsoft
windows server 2008
all versions, r2
microsoft
windows server 2012
all versions, r2
+5 more product configuration(s) — see NVD for full list

References