Remote Code Execution Vulnerability in Windows LDAP by Microsoft
CVE-2025-21376

8.1HIGH

Key Information:

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
11 February 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

This vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) allows attackers to execute arbitrary code on affected systems. Due to improper handling of requests, an attacker can send specially crafted LDAP queries that lead to remote code execution. This can potentially compromise system integrity and allow unauthorized access to sensitive data. Prompt mitigation measures are advised to protect against exploitation.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20915

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7785

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6893

News Articles

favicon imageComputer Weekly

Microsoft’s February 2025 Patch Tuesday corrects 57 bugs, three cri...

Microsoft is correcting 57 vulnerabilities in its February Patch Tuesday, two of which are being actively exploited in the wild, and three of which are ‘critical’.

2 weeks ago

favicon imagewww.thestack.technology

Patch Tuesday: A “wormable” LDAP bug and two EOP zero days fixed

Lighter than last month, mercifully, but still some urgent fixes.

2 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by www.thestack.technology

  • Vulnerability published

  • Vulnerability Reserved

.