Microsoft Windows Server 2022 vulnerabilities

2,817 known vulnerabilities affecting microsoft/windows_server_2022.

Total CVEs

2,817

CISA KEV

102

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL74HIGH2015MEDIUM717LOW11

Vulnerabilities

Page 43 of 141

CVE-2025-21371HIGHCVSS 8.8fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21371 [HIGH] CWE-122 CVE-2025-21371: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21347MEDIUMCVSS 6.0fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21347 [MEDIUM] CWE-59 CVE-2025-21347: Windows Deployment Services Denial of Service Vulnerability Windows Deployment Services Denial of Service Vulnerability

nvd

CVE-2025-21377MEDIUMCVSS 6.5≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21377 [MEDIUM] CWE-73 NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability

cvelistv5

CVE-2025-21212MEDIUMCVSS 6.5fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21212 [MEDIUM] CWE-125 CVE-2025-21212: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2025-21216MEDIUMCVSS 6.5fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21216 [MEDIUM] CWE-125 CVE-2025-21216: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2025-21349MEDIUMCVSS 6.8fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21349 [MEDIUM] CWE-287 CVE-2025-21349: Windows Remote Desktop Configuration Service Tampering Vulnerability Windows Remote Desktop Configuration Service Tampering Vulnerability

nvd

CVE-2025-21254MEDIUMCVSS 6.5fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21254 [MEDIUM] CWE-125 CVE-2025-21254: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2025-21350MEDIUMCVSS 5.9≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21350 [MEDIUM] CWE-20 Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability

cvelistv5

CVE-2025-21352MEDIUMCVSS 6.5fixed in 10.0.20348.3207≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21352 [MEDIUM] CWE-400 CVE-2025-21352: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2025-21337LOWCVSS 3.3≥ 10.0.20348.0, < 10.0.20348.32072025-02-11

CVE-2025-21337 [LOW] CWE-284 Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability

cvelistv5

CVE-2025-21298CRITICALCVSS 9.8≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21298 [CRITICAL] CWE-416 Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21307CRITICALCVSS 9.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21307 [CRITICAL] CWE-416 CVE-2025-21307: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

nvd

CVE-2025-21291HIGHCVSS 8.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21291 [HIGH] CWE-415 CVE-2025-21291: Windows Direct Show Remote Code Execution Vulnerability Windows Direct Show Remote Code Execution Vulnerability

nvd

CVE-2025-21239HIGHCVSS 8.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21239 [HIGH] CWE-122 CVE-2025-21239: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21293HIGHCVSS 8.8PoCfixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21293 [HIGH] CWE-284 CVE-2025-21293: Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability

nvd

CVE-2025-21378HIGHCVSS 7.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21378 [HIGH] CWE-122 CVE-2025-21378: Windows CSC Service Elevation of Privilege Vulnerability Windows CSC Service Elevation of Privilege Vulnerability

nvd

CVE-2025-21300HIGHCVSS 7.5fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21300 [HIGH] CWE-400 CVE-2025-21300: Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability

nvd

CVE-2025-21409HIGHCVSS 8.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21409 [HIGH] CWE-122 CVE-2025-21409: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21234HIGHCVSS 7.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21234 [HIGH] CWE-20 CVE-2025-21234: Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

nvd

CVE-2025-21339HIGHCVSS 8.8fixed in 10.0.20348.3091≥ 10.0.20348.0, < 10.0.20348.30912025-01-14

CVE-2025-21339 [HIGH] CWE-122 CVE-2025-21339: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

← Previous43 / 141Next →