CVE-2025-21311Incorrect Implementation of Authentication Algorithm in Microsoft Windows 11 Version 24h2

CWE-303Incorrect Implementation of Authentication AlgorithmCWE-918Server-Side Request Forgery16 documents12 sources
Severity
9.8CRITICALNVD
CISA7.2
EPSS
3.3%
top 12.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Microsoft Windows 11 Version 24h2Microsoft Windows Server 2025Squid+7 more
Timeline
PublishedJan 14
Latest updateSep 29

Description

Windows NTLM V1 Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages10 packages

NVDmicrosoft/windows< 10.0.25398.1369+1
NVDmicrosoft/windows_11_24h2< 10.0.26100.2894
CVEListV5microsoft/windows_server_202510.0.26100.010.0.26100.2894
CVEListV5microsoft/windows_11_version_24h210.0.26100.010.0.26100.2894

Patches

Patch: msrc.microsoft.com

🔴Vulnerability Details

2
OSV
CVE-2025-21311: Windows NTLM V1 Elevation of Privilege Vulnerability2025-01-14
GHSA
GHSA-29f7-2v24-7hpm: Windows NTLM V1 Elevation of Privilege Vulnerability2025-01-14

📋Vendor Advisories

3
CISA
Adminer Server-Side Request Forgery Vulnerability2025-09-29
Microsoft
Windows NTLM V1 Elevation of Privilege Vulnerability2025-01-14
Debian
CVE-2025-21311: squid - Windows NTLM V1 Elevation of Privilege Vulnerability2025

🕵️Threat Intelligence

10
Tenable
September 2025 Microsoft Patch Tuesday | Tenable®2025-09-09
Tenable
Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)2025-08-12
Bleepingcomputer
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws2025-01-14
Krebs
Microsoft: Happy 2025. Here’s 161 Security Updates2025-01-14
Qualys
Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review2025-01-14