Remote Code Execution Vulnerability in Windows Line Printer Daemon Service
CVE-2025-21224

8.1HIGH

Key Information:

Vendor
Microsoft
Status
Windows Server 2022
Windows 10 Version 21h2
Windows 11 Version 22h2
Windows 10 Version 22h2
Vendor
CVE Published:
14 January 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

The Windows Line Printer Daemon (LPD) Service is susceptible to a Remote Code Execution vulnerability, which allows attackers to execute arbitrary code on affected systems. This could potentially lead to unauthorized access, data manipulation, or a complete system compromise. It is vital for users and administrators to apply the necessary patches and updates to mitigate this security risk.

Affected Version(s)

Windows 10 Version 21H2 32-bit Systems 10.0.19043.0 < 10.0.19044.5371

Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.5371

Windows 11 version 22H2 ARM64-based Systems 10.0.22621.0 < 10.0.22621.4751

News Articles

favicon imageCybersecurityNews

Windows Line Printer Daemon (LPD) Vulnerability Exposes Systems to Remote Code Execution

Microsoft has disclosed a significant security vulnerability in its Windows Line Printer Daemon (LPD) service, tracked as CVE-2025-21224. This flaw could allow attackers to execute remote code on affected systems, posing a serious risk to organizations relying on the LPD service for network printing...

3 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved

.