Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Resilient File System (ReFS) Deduplication Service can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Disk Cleanup Tool can be exploited remotely to gain privileges.
- A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Microsoft Digest Authentication can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Deployment Services can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
- A denial of service vulnerability in DHCP Client Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Setup Files Cleanup can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- A remote code execution vulnerability in DHCP Client Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
- A tampering vulnerability in Windows Remote Desktop Configuration Service can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Windows Telephony Server can be exploited remotely to execute arbitrary code.
Original advisories
- CVE-2025-21407
- CVE-2025-21182
- CVE-2025-21410
- CVE-2025-21420
- CVE-2025-21216
- CVE-2025-21369
- CVE-2025-21347
- CVE-2025-21212
- CVE-2025-21358
- CVE-2025-21350
- CVE-2025-21183
- CVE-2025-21351
- CVE-2025-21352
- CVE-2025-21179
- CVE-2025-21367
- CVE-2025-21419
- CVE-2025-21200
- CVE-2025-21371
- CVE-2025-21391
- CVE-2025-21337
- CVE-2025-21190
- CVE-2025-21375
- CVE-2025-21184
- CVE-2025-21368
- CVE-2025-21359
- CVE-2025-21373
- CVE-2025-21254
- CVE-2025-21377
- CVE-2025-21418
- CVE-2025-21379
- CVE-2025-21181
- CVE-2025-21376
- CVE-2025-21349
- CVE-2025-21208
- CVE-2025-21406
- CVE-2025-21201
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-10
- Microsoft-Windows-Server-2016
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
- Microsoft-Windows-Server-2022
CVE list
- CVE-2025-21414 high
- CVE-2025-21407 critical
- CVE-2025-21182 high
- CVE-2025-21410 critical
- CVE-2025-21420 critical
- CVE-2025-21216 high
- CVE-2025-21369 critical
- CVE-2025-21347 high
- CVE-2025-21212 high
- CVE-2025-21358 critical
- CVE-2025-21350 high
- CVE-2025-21183 high
- CVE-2025-21351 critical
- CVE-2025-21352 high
- CVE-2025-21179 warning
- CVE-2025-21367 critical
- CVE-2025-21419 high
- CVE-2025-21200 critical
- CVE-2025-21371 critical
- CVE-2025-21391 high
- CVE-2025-21337 warning
- CVE-2025-21190 critical
- CVE-2025-21375 critical
- CVE-2025-21184 high
- CVE-2025-21368 critical
- CVE-2025-21359 critical
- CVE-2025-21373 critical
- CVE-2025-21254 high
- CVE-2025-21377 high
- CVE-2025-21418 critical
- CVE-2025-21379 high
- CVE-2025-21181 critical
- CVE-2025-21376 critical
- CVE-2025-21349 high
- CVE-2025-21208 critical
- CVE-2025-21406 critical
- CVE-2025-21201 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!