Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2025-21419 [HIGH] CWE-59 Windows Setup Files Cleanup Elevation of Privilege Vulnerability Windows Setup Files Cleanup Elevation of Privilege Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), but could lead to major loss on integrity (I:H) and availability (A:H). What does that mean for this vulnerability? This vulnerability does not allow disclosure of any confidential information, but could allow

CVE-2025-21391 [HIGH] CWE-59 Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would be able to delete targeted files on a system. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), but could lead to major loss on integrity (I:H) and availability (A:H).

CVE-2025-21410 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain c

CVE-2025-21208 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system. FAQ: Accordi

CVE-2025-21420 [HIGH] CWE-59 Windows Disk Cleanup Tool Elevation of Privilege Vulnerability Windows Disk Cleanup Tool Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Disk Cleanup Tool: Windows Disk Cleanup Tool Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: P

CVE-2025-21347 [MEDIUM] CWE-59 Windows Deployment Services Denial of Service Vulnerability Windows Deployment Services Denial of Service Vulnerability FAQ: According to the CVSS metrics, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authenticated attacker would need to perform specific actions on a vulnerable system, then convince another user on that system to interact with the Windows Deployment Services functionality

CVE-2025-21349 [MEDIUM] CWE-287 Windows Remote Desktop Configuration Service Tampering Vulnerability Windows Remote Desktop Configuration Service Tampering Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM

CVE-2025-21216 [MEDIUM] CWE-125 Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of availability (A:H). What does that mean for this vulnerability? An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS). FAQ: According to the CVSS

CVE-2025-21212 [MEDIUM] CWE-125 Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of availability (A:H). What does that mean for this vulnerability? An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS). FAQ: According to the CVSS

CVE-2025-21254 [MEDIUM] CWE-125 Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of availability (A:H). What does that mean for this vulnerability? An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS). Windows Internet Connection

CVE-2025-21311 [CRITICAL] CWE-303 Windows NTLM V1 Elevation of Privilege Vulnerability Windows NTLM V1 Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the attack complexity is low (AC:L). What does that mean for this vulnerability? The attack vector is Network (AV:N) because this vulnerability is remotely exploitable and can be exploited from the internet. The attack complexity is Low (AC:L) because an attacker does not require sig

CVE-2025-21281 [HIGH] CWE-416 Microsoft COM for Windows Elevation of Privilege Vulnerability Microsoft COM for Windows Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows COM: Windows COM Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploi

CVE-2025-21326 [HIGH] CWE-843 Internet Explorer Remote Code Execution Vulnerability Internet Explorer Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score i

CVE-2025-21293 [HIGH] CWE-284 Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system.

CVE-2025-21299 [HIGH] CWE-922 Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability FAQ: Are there any additional steps that I need to follow to be protected from this vulnerability? The changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you

CVE-2025-21239 [HIGH] CWE-122 Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system. Windows Telephony Service: Windows Telephony Service Micr

CVE-2025-21315 [HIGH] CWE-416 Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who success

CVE-2025-21224 [HIGH] CWE-591 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted print task to a shared vulnerable Windows Line Printer Daemon (LPD) service across a network. Successful exploitation could result in remote code execution on the server. FAQ: According to the CVSS

CVE-2025-21331 [HIGH] CWE-59 Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Successful exploitation of this vulnerability by an atta

CVE-2025-21234 [HIGH] CWE-20 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control