CVE-2025-21265
CVSS 3.1 Score 6.6 of 10 (medium)
Details
Published Jan 14, 2025
CWE ID 125
Summary
CVE-2025-21265 is an elevation of privilege vulnerability affecting Windows Digital Media. An attacker can exploit this flaw to gain elevated system privileges by manipulating specially crafted media files. Successful exploitation could allow the attacker to install programs, view, change, or delete data, or create new accounts with full user rights. This vulnerability poses a significant risk to systems running unpatched Windows Digital Media software and requires immediate attention from administrators to apply available patches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows Server 2008
Affected Vendors
- Microsoft