CVE-2025-21391

Summary

CVE-2025-21391 is a newly disclosed Windows vulnerability that allows an attacker to elevate privileges through the Storage Spaces feature. By exploiting this Storage Elevation of Privilege vulnerability, an attacker can gain administrative access to a system, potentially leading to serious data theft or system compromise. This issue affects Windows Server 2012 R2 and later versions, and Microsoft has released a security update to address it. Users are strongly encouraged to install the patch as soon as possible to protect their systems from potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.