Improper Authentication in Windows NTLM Affects Microsoft Products
CVE-2025-53778

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1507; Windows 10 Version 1607; Windows 10 Version 1809; Windows 10 Version 21h2
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-53778?

An improper authentication vulnerability in Windows NTLM permits an authorized attacker to exploit the system to elevate their privileges over a network. This method can potentially grant unauthorized access to sensitive resources, posing significant security risks. It is crucial for organizations utilizing affected Microsoft products to apply recommended security updates and ensure robust authentication mechanisms are in place.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.21100

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8330

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7678

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

EPSS Score

36% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jul 9, 2025

CVE-2025-53778 Data

JSON