CVE-2025-21293
Microsoft Active Directory Domain Services Privilege Escalation
Description
Active Directory Domain Services Elevation of Privilege Vulnerability
INFO
Published Date :
Jan. 14, 2025, 6:15 p.m.
Last Modified :
Jan. 24, 2025, 9:47 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
2.8
Affected Products
The following products are affected by CVE-2025-21293
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-21293.
| URL | Resource |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 | Patch Vendor Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-21293 vulnerability anywhere in the article.
-
TheCyberThrone
CVE-2024-12797 OpenSSL Vulnerability Patched
CVE-2024-12797 is a critical security vulnerability discovered in OpenSSL, a widely used cryptographic library that provides secure communication over computer networks. This vulnerability poses signi ... Read more
-
TheCyberThrone
CISA Adds Microsoft and Zyxel Vulnerabilities to KEV Catalog
On February 11, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities, associate ... Read more
-
TheCyberThrone
Apple devices on verge of exploitation of CVE-2025-24200
CVE-2025-24200 is a critical security vulnerability discovered in Apple’s iOS and iPadOS. This vulnerability has severe implications for device security, especially considering the widespread use of t ... Read more
-
TheCyberThrone
Progress Software addresses multiple flaws in LoadMaster
Progress Software has recently addressed multiple high-severity security flaws in its LoadMaster software, which is widely used for load balancing and optimizing application performance. Here’s an in- ... Read more
-
TheCyberThrone
CVE-2025-25064 impacts Zimbra with SQL Injection
CVE-2025-25064 is a critical security vulnerability identified in Zimbra Collaboration software, a widely used email and collaboration platform. This vulnerability poses significant risks to the secur ... Read more
-
TheCyberThrone
TheCyberThrone Security Weekly Review – February 08, 2025
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, February 08, 2025.CVE-2025-21293 PoC Exp ... Read more
-
TheCyberThrone
Apache James Denial-of-Service Vulnerabilities
The Apache James Mail Server has recently been identified as vulnerable to two distinct Denial-of-Service (DoS) attacks, tracked as CVE-2024-45626 and CVE-2024-37358 These vulnerabilities pose signifi ... Read more
-
TheCyberThrone
CVE-2025-24503 impacts Symantec PAM
CVE-2025-24503 is a critical security vulnerability affecting Privileged Access Manager (PAM) solutions, specifically those provided by Symantec. This vulnerability, if exploited, can have severe cons ... Read more
-
TheCyberThrone
CVE-2025-0994 affects Trimble Cityworks
CVE-2025-0994 is a serious security vulnerability affecting Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10. This vulnerability can lead to remot ... Read more
-
TheCyberThrone
CVE-2025-23419 impacts Nginx Server
CVE-2025-23419 is a security vulnerability that arises when multiple server blocks in an Nginx configuration share the same IP address and port. An attacker can exploit this vulnerability by using the ... Read more
-
TheCyberThrone
Cisco fixes Twin ISE Vulnerabilities
Cisco has recently addressed two critical vulnerabilities in its Identity Services Engine (ISE), identified as CVE-2025-20124 and CVE-2025-20125. These vulnerabilities pose significant security risks, ... Read more
-
TheCyberThrone
CVE-2024-56161 impacts AMD SEV-SNP Microcode
BackgroundCVE-2024-56161 is an improper signature verification vulnerability found in the AMD CPU ROM microcode patch loader. This vulnerability enables an attacker with local administrator privileges ... Read more
-
TheCyberThrone
CVE-2024-53104 Linux Kernel Flaw Added to CISA’s KEV Catalog
On February 5, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog. This addition highlights the critical nature ... Read more
-
TheCyberThrone
CVE-2025-21293 PoC Exploit Code Released
Vulnerability OverviewCVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. The vulnerability arises from excessive permissions granted to the Network Configur ... Read more
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 2.5.25 Top Headlines Five Eyes Launch Guidance to Improve Edge Device Security Summary: The UK’s leading cybersecurity agency and its Five Eyes peers have produced new guidance for manufacturers ... Read more
-
tripwire.com
Tripwire Patch Priority Index for January 2025
Tripwire's January 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for the Microsoft office platform, including Word, Access, Visi ... Read more
-
tripwire.com
VERT Threat Alert: January 2025 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s January 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1139 as soon as coverage is completed.In ... Read more
-
BleepingComputer
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks.This Patch Tuesday al ... Read more
The following table lists the changes that have been made to the
CVE-2025-21293 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
Jan. 24, 2025
Action Type Old Value New Value Added CWE NIST NVD-CWE-noinfo Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20890 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20890 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7699 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7699 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.6775 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.6775 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.19044.5371 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.19045.5371 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.22621.4751 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.22631.4751 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.26100.2894 *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7699 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.6775 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3091 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1369 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.2894 Changed Reference Type https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 No Types Assigned https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 Patch, Vendor Advisory -
New CVE Received by [email protected]
Jan. 14, 2025
Action Type Old Value New Value Added Description Active Directory Domain Services Elevation of Privilege Vulnerability Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Added CWE CWE-284 Added Reference https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-21293 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-21293
weaknesses.