cbcvebase.
CVE-2025-21295
published 2025-01-14

CVE-2025-21295: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

Affected

46 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_1507< 10.0.10240.2089010.0.10240.20890
microsoftwindows_10_1607< 10.0.14393.769910.0.14393.7699
microsoftwindows_10_1809< 10.0.17763.677510.0.17763.6775
microsoftwindows_10_21h2< 10.0.19044.537110.0.19044.5371
microsoftwindows_10_22h2< 10.0.19045.537110.0.19045.5371
microsoftwindows_10_version_1507>= 10.0.10240.0 < 10.0.10240.2089010.0.10240.20890
microsoftwindows_10_version_1607>= 10.0.14393.0 < 10.0.14393.769910.0.14393.7699
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.677510.0.17763.6775
microsoftwindows_10_version_21h2>= 10.0.19044.0 < 10.0.19044.537110.0.19044.5371
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.537110.0.19045.5371
microsoftwindows_11_22h2< 10.0.22621.475110.0.22621.4751
microsoftwindows_11_23h2< 10.0.22631.475110.0.22631.4751
microsoftwindows_11_24h2< 10.0.26100.289410.0.26100.2894
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.475110.0.22621.4751
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.475110.0.22631.4751
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.475110.0.22631.4751
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.289410.0.26100.2894
microsoftwindows_server_2008
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.275206.1.7601.27520
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.252736.2.9200.25273
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.223716.3.9600.22371
microsoftwindows_server_2016< 10.0.14393.769910.0.14393.7699
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.769910.0.14393.7699
microsoftwindows_server_2019< 10.0.17763.677510.0.17763.6775