CVE-2025-21198
Published 2025-02-11
CVE-2025-21198: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
Priority P3 · 52 · critical · 9 · CVSS 3.1
AV:A · AC:L · PR:L · UI:N · S:C · C:H · I:H · A:H
EPSS 0.87% · 54.3th percentile
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | hpc_pack_2016 | < 2016.3 | 2016.3 |
| microsoft | hpc_pack_2019 | < 6.3.8328.0 | 6.3.8328.0 |
| microsoft | microsoft_hpc_pack_2016 | >= 1.0.0 < 2016.3 | 2016.3 |
| microsoft | microsoft_hpc_pack_2019 | >= 1.0.0 < 6.3.8328.0 | 6.3.8328.0 |
| msrc | microsoft_hpc_pack_2016 | — | — |
| msrc | microsoft_hpc_pack_2019 | — | — |
CVSS provenance
nvd · v3.1 · 9.0 · CRITICAL · CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vendor_msrc · 9.0 · CRITICAL
Microsoft
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
vendor_msrc·2025-02-11·CVSS 9.0
CVE-2025-21198 [CRITICAL] CWE-306 Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A) and privileges required are low (PR:L). What does that mean for this vulnerability?
Multiple networking topologies are available to connect High Performance Compute (HPC) resources which are reliant upon intra-nets or private networks and do not expose HPC resources to the public internet regardless of implementation. An attacker must have access to the network connecting the targeted clusters and nodes (PR:L) and must send a specially crafted HTTPS request to the head node (AV:A) to successfully exploit this vulnerability.
For more information on how HPC resources can be connected, please reference this documentation regarding Understan
GHSA
GHSA-j397-w275-xjh3: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
ghsa_unreviewed·2025-02-11
CVE-2025-21198 [CRITICAL] CWE-306 GHSA-j397-w275-xjh3: Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-02-11·CVSS 8.7
CVE-2025-21376 [HIGH] Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for February of 2025 which includes 63 vulnerabilities affecting a range of products, including 4 that Microsoft marked as “critical” and one marked as "moderate."
There are two notable "critical" vulnerabilities. The first is CVE-2025-21376, which is a remote code execution (RCE) vulnerability affecting the Windows Lightweight Directory Access Protocol (LDAP). This vulnerability is a remote unauthenticated Out-of-bounds Write (OOBW) caused by a race condition in LDAP and could potentially result in arbitrary code execution in the Local Security Authority Subsystem Service (lsass.exe). This is a process in the Microsoft Windows operating systems that is responsible for enforcing the security policy on the system. Successful exploitation o
Bleepingcomputer
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
blogs_bleepingcomputer·2025-02-11·CVSS 7.1
[HIGH] Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
## Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
## Lawrence Abrams
- 19 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 22 Remote Code Execution Vulnerabilities
- 1 Information Disclosure Vulnerabilities
- 9 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
The above numbers do not include a critical Microsoft Dynamics 365 Sales elevation of privileges flaw and 10 Microsoft Edge vulnerabilities fixed on February 6.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5051987 & KB5051989 cumulative updates and the Windows 10 KB5051974 update.
## Two actively exploited zero-days disclosed
This month's Patch Tuesday fixes two actively exploited and two public