CVE-2025-21293

Risk Scores

Affected Products

Exploit Intelligence

• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It allows "Network Configuration Operators" to execute code with SYSTEM privileges via Windows Performance Counters. Affected Windows versions include Windows 10, 11, and Server. Microsoft patched this in January 2025. Apply updates to mitigate risks. (github-poc)
• https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
• Microsoft Message Queuing Information Disclosure Vulnerability (circl)
• CIRCL seen: CVE-2025-21220 (circl-sighting)

…and 27 more exploits

Timeline

• Jan 14, 2025 CVE Published
• Jan 14, 2025 PoC Published
• Jan 14, 2025 PoC Published
• Jan 14, 2025 PoC Published
• Jan 15, 2025 EPSS Score
• Jan 24, 2025 CVE Updated
• Feb 4, 2025 PoC Published
• Feb 11, 2025 Coalition ESS Score
• Feb 15, 2025 EPSS Score
• Mar 17, 2025 EPSS Score
• Mar 18, 2025 EPSS Score
• Mar 20, 2025 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0091.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0091 advisory
• https://msrc.microsoft.com/update-guide/ advisory
• https://www.hitachi.com/products/it/storage-solutions/sec_info/2025/01.html advisory