Windows NTLM V1 Elevation of Privilege Vulnerability Affecting Microsoft Products
CVE-2025-21311

9.8 CRITICAL

Summary

The Windows NTLM V1 Elevation of Privilege Vulnerability enables attackers to increase their user privileges within the affected systems. Exploiting this vulnerability could allow unauthorized users to gain access to sensitive resources and potentially compromise system integrity. This vulnerability poses significant risks, particularly in environments where NTLM authentication is employed. Organizations are urged to assess their systems and implement recommended mitigations to safeguard against exploitation.

Affected Version(s)

Windows 11 Version 24H2 ARM64-based Systems 10.0.26100.0 < 10.0.26100.2894

Windows Server 2022, 23H2 Edition (Server Core installation) x64-based Systems 10.0.25398.0 < 10.0.25398.1369

Windows Server 2025 (Server Core installation) x64-based Systems 10.0.26100.0 < 10.0.26100.2894

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
