Microsoft Windows 11 Version 23H2 vulnerabilities

1,506 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,506

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL18HIGH1051MEDIUM430LOW7

Vulnerabilities

Page 41 of 76

CVE-2025-21298CRITICALCVSS 9.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21298 [CRITICAL] CWE-416 Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21307CRITICALCVSS 9.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21307 [CRITICAL] CWE-416 CVE-2025-21307: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

nvd

CVE-2025-21291HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21291 [HIGH] CWE-415 CVE-2025-21291: Windows Direct Show Remote Code Execution Vulnerability Windows Direct Show Remote Code Execution Vulnerability

nvd

CVE-2025-21239HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21239 [HIGH] CWE-122 CVE-2025-21239: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21293HIGHCVSS 8.8PoC≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21293 [HIGH] CWE-284 CVE-2025-21293: Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability

nvd

CVE-2025-21378HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21378 [HIGH] CWE-122 CVE-2025-21378: Windows CSC Service Elevation of Privilege Vulnerability Windows CSC Service Elevation of Privilege Vulnerability

nvd

CVE-2025-21300HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21300 [HIGH] CWE-400 CVE-2025-21300: Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability

nvd

CVE-2025-21409HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21409 [HIGH] CWE-122 CVE-2025-21409: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21234HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21234 [HIGH] CWE-20 CVE-2025-21234: Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

nvd

CVE-2025-21339HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21339 [HIGH] CWE-122 CVE-2025-21339: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21417HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21417 [HIGH] CWE-122 CVE-2025-21417: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21370HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.57682025-01-14

CVE-2025-21370 [HIGH] CWE-20 CVE-2025-21370: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

nvd

CVE-2025-21281HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21281 [HIGH] CWE-416 CVE-2025-21281: Microsoft COM for Windows Elevation of Privilege Vulnerability Microsoft COM for Windows Elevation of Privilege Vulnerability

nvd

CVE-2025-21286HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21286 [HIGH] CWE-122 CVE-2025-21286: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21303HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21303 [HIGH] CWE-122 CVE-2025-21303: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21244HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21244 [HIGH] CWE-190 CVE-2025-21244: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21287HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21287 [HIGH] CWE-269 CVE-2025-21287: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2025-21224HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21224 [HIGH] CWE-416 CVE-2025-21224: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

nvd

CVE-2025-21334HIGHCVSS 7.8KEV≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21334 [HIGH] CWE-416 CVE-2025-21334: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

nvd

CVE-2025-21289HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21289 [HIGH] CWE-400 CVE-2025-21289: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

← Previous41 / 76Next →