Denial of Service Vulnerability in Internet Connection Sharing Feature by Microsoft
CVE-2025-21216

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 11 February 2025

Summary

The Internet Connection Sharing feature in Microsoft products contains a vulnerability that allows for a Denial of Service (DoS) condition. When exploited, this vulnerability can disrupt network connectivity, leading to service interruptions for users relying on shared internet connections. Mitigating this issue is essential for maintaining network availability and performance. For extensive information and updates on this vulnerability, refer to the vendor advisory.

Affected Version(s)

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7785

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6893

Windows 10 Version 21H2 32-bit Systems 10.0.19043.0 < 10.0.19044.5487

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Dec 5, 2024