CVE-2025-21334

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 14, 2025

Updated: Jan 15, 2025

CWE ID 416

Summary

CVE-2025-21334 is a newly discovered vulnerability affecting Microsoft Windows Hyper-V's NT Kernel Integration component. This issue grants an attacker local elevation of privileges, allowing them to gain higher access to the system. An attacker can exploit this vulnerability by manipulating Virtual Service Providers (VSPs) within the Hyper-V environment. Successful exploitation could lead to significant security implications, including unauthorized access or data theft. Users are encouraged to apply the latest Microsoft security updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2dxiaM
https://www.cve.org/CVERecord?id=CVE-2025-21334
https://nvd.nist.gov/vuln/detail/CVE-2025-21334

Back to Vulnerability Database

CVE-2025-21334

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations