Denial of Service Vulnerability in Microsoft Message Queuing
CVE-2025-21181

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 11 February 2025

Summary

A Denial of Service vulnerability exists in Microsoft Message Queuing (MSMQ) that could allow an unauthenticated attacker to cause a service disruption. By sending specially crafted messages to an MSMQ service, an attacker can exploit this vulnerability, potentially leading to crashes or unresponsive behavior in the affected system. Ensuring timely updates and implementing appropriate security measures are crucial to safeguard against this threat.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20915

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7785

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6893

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Dec 5, 2024