CVE-2025-21269

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 14, 2025

CWE ID 41

Summary

CVE-2025-21269 is a security vulnerability affecting Windows HTML Platforms. This issue permits an attacker to bypass security features, potentially allowing the execution of malicious code. An attacker could exploit this flaw by tricking a user into opening a specially crafted HTML file or visiting a malicious website. Successful exploitation could lead to remote code execution with the same user rights as the current process. Microsoft strongly advises users and administrators to apply the available patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows Server 2008

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2dhVYu
https://www.cve.org/CVERecord?id=CVE-2025-21269
https://nvd.nist.gov/vuln/detail/CVE-2025-21269

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners