CVE-2025-21370
published 2025-01-14CVE-2025-21370: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
PriorityP344high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
EPSS
0.46%
36.6th percentile
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.4751 | 10.0.22621.4751 |
| microsoft | windows_11_23h2 | < 10.0.22631.4751 | 10.0.22631.4751 |
| microsoft | windows_11_24h2 | < 10.0.26100.2894 | 10.0.26100.2894 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4751 | 10.0.22621.4751 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4751 | 10.0.22631.4751 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4751 | 10.0.22631.4751 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.2894 | 10.0.26100.2894 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mxq3-vwh4-3gfm: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
ghsa_unreviewed·2025-01-14
CVE-2025-21370 [HIGH] CWE-20 GHSA-mxq3-vwh4-3gfm: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Microsoft
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
vendor_msrc·2025-01-14·CVSS 7.8
CVE-2025-21370 [HIGH] CWE-20 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
FAQ: What privileges would an attacker gain by successfully exploiting this vulnerability?
An attacker who successfully exploited this vulnerability could potentially leak data from the target enclave or execute code within the context of the target enclave.
FAQ: Are there any additional steps that I need to follow to be protected from this vulnerability?
The changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you deployed this policy, then you'll need to redeploy using the updated policy.
Windows Virtu
No detection rules found.
No public exploits indexed.
2025-01-14
Published