CVE-2025-21261
CVSS 3.1 Score 6.6 of 10 (medium)
Details
Summary
CVE-2025-21261 is a newly disclosed vulnerability affecting Windows Digital Media. This elevation of privilege issue allows an attacker to gain higher system privileges by exploiting a flaw in the software's handling of certain media files. Successful exploitation could result in significant security implications, including unauthorized access to sensitive data or system modification. The vulnerability is current as of now, without further information available on the exploitability or the attack vector. To mitigate the risk, it is recommended to apply the latest software patches and updates as soon as they become available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows Server 2008
Affected Vendors
- Microsoft