⚠ Actively exploited

Added to CISA KEV on 2025-01-14. Federal agencies required to patch by 2025-02-04. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2025-21334 — Use After Free in Microsoft Windows 10 Version 21h2

CWE-416 — Use After Free CWE-668 — Resource Exposure15 documents10 sources

Severity

7.8HIGHNVD

EPSS

6.6%

top 8.78%

CISA KEV

KEV

Added 2025-01-14

Due 2025-02-04

Exploit

No known exploits

Affected products

Microsoft Windows 10 Version 21h2 Microsoft Windows 10 Version 22h2 Microsoft Windows 11 Version 22h2 +24 more

Timeline

PublishedJan 14

KEV addedJan 14

KEV dueFeb 4

Latest updateApr 18

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages27 packages

▶NVDmicrosoft/windows< 10.0.25398.1369+1

▶NVDmicrosoft/windows_10_21h2< 10.0.19044.5371

▶NVDmicrosoft/windows_10_22h2< 10.0.19045.5371

▶NVDmicrosoft/windows_11_22h2< 10.0.22621.4751

▶NVDmicrosoft/windows_11_23h2< 10.0.22631.4751

Patches

Patch: msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-3hcq-fqcw-cvgf: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability↗2025-01-14

▶

VulnCheck

Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability↗2025

▶

📋Vendor Advisories

CISA

Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability↗2025-01-14

▶

Microsoft

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability↗2025-01-14

▶

Microsoft

environment variable leak↗2021-03-09

▶

🕵️Threat Intelligence

Qualys

Zero-Day Vulnerability Protection | Detect & Stop Threats | Qualys↗2025-04-18

▶

Qualys

Zero-Day Vulnerability Protection | Detect & Stop Threats | Qualys↗2025-04-18

▶

Bleepingcomputer

Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws↗2025-01-14

▶

Krebs

Microsoft: Happy 2025. Here’s 161 Security Updates↗2025-01-14

▶

Tenable

Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)↗2025-01-14

▶