Microsoft Windows 11 23H2 vulnerabilities

1,263 known vulnerabilities affecting microsoft/windows_11_23h2.

Total CVEs

1,263

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL15HIGH884MEDIUM358LOW6

Vulnerabilities

Page 35 of 64

CVE-2025-21325HIGHCVSS 7.8fixed in 10.0.22631.47512025-01-17

CVE-2025-21325 [HIGH] CWE-732 CVE-2025-21325: Windows Secure Kernel Mode Elevation of Privilege Vulnerability Windows Secure Kernel Mode Elevation of Privilege Vulnerability

nvd

CVE-2025-21307CRITICALCVSS 9.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21307 [CRITICAL] CWE-416 CVE-2025-21307: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

nvd

CVE-2025-21291HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21291 [HIGH] CWE-415 CVE-2025-21291: Windows Direct Show Remote Code Execution Vulnerability Windows Direct Show Remote Code Execution Vulnerability

nvd

CVE-2025-21239HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21239 [HIGH] CWE-122 CVE-2025-21239: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21293HIGHCVSS 8.8PoCfixed in 10.0.22631.47512025-01-14

CVE-2025-21293 [HIGH] CWE-284 CVE-2025-21293: Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability

nvd

CVE-2025-21378HIGHCVSS 7.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21378 [HIGH] CWE-122 CVE-2025-21378: Windows CSC Service Elevation of Privilege Vulnerability Windows CSC Service Elevation of Privilege Vulnerability

nvd

CVE-2025-21300HIGHCVSS 7.5fixed in 10.0.22631.47512025-01-14

CVE-2025-21300 [HIGH] CWE-400 CVE-2025-21300: Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability

nvd

CVE-2025-21409HIGHCVSS 8.8fixed in 10.0.22621.4751fixed in 10.0.22631.47512025-01-14

CVE-2025-21409 [HIGH] CWE-122 CVE-2025-21409: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21234HIGHCVSS 7.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21234 [HIGH] CWE-20 CVE-2025-21234: Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

nvd

CVE-2025-21339HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21339 [HIGH] CWE-122 CVE-2025-21339: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21417HIGHCVSS 8.8fixed in 10.0.22621.4751fixed in 10.0.22631.47512025-01-14

CVE-2025-21417 [HIGH] CWE-122 CVE-2025-21417: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21370HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21370 [HIGH] CWE-20 CVE-2025-21370: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

nvd

CVE-2025-21281HIGHCVSS 7.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21281 [HIGH] CWE-416 CVE-2025-21281: Microsoft COM for Windows Elevation of Privilege Vulnerability Microsoft COM for Windows Elevation of Privilege Vulnerability

nvd

CVE-2025-21286HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21286 [HIGH] CWE-122 CVE-2025-21286: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21303HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21303 [HIGH] CWE-122 CVE-2025-21303: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21244HIGHCVSS 8.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21244 [HIGH] CWE-190 CVE-2025-21244: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21287HIGHCVSS 7.8fixed in 10.0.22631.47512025-01-14

CVE-2025-21287 [HIGH] CWE-269 CVE-2025-21287: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2025-21224HIGHCVSS 8.1fixed in 10.0.22631.47512025-01-14

CVE-2025-21224 [HIGH] CWE-416 CVE-2025-21224: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

nvd

CVE-2025-21334HIGHCVSS 7.8KEVfixed in 10.0.22631.47512025-01-14

CVE-2025-21334 [HIGH] CWE-416 CVE-2025-21334: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

nvd

CVE-2025-21289HIGHCVSS 7.5fixed in 10.0.22631.47512025-01-14

CVE-2025-21289 [HIGH] CWE-400 CVE-2025-21289: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

← Previous35 / 64Next →