CVE-2025-21261

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Jan 14, 2025
CWE ID 125

Summary

CVE-2025-21261 is a newly disclosed vulnerability affecting Windows Digital Media. This elevation of privilege issue allows an attacker to gain higher system privileges by exploiting a flaw in the software's handling of certain media files. Successful exploitation could result in significant security implications, including unauthorized access to sensitive data or system modification. The vulnerability is current as of now, without further information available on the exploitability or the attack vector. To mitigate the risk, it is recommended to apply the latest software patches and updates as soon as they become available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2008

Affected Vendors

  • Microsoft