{"dataType": "CVE_RECORD", "containers": {"cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*"], "vendor": "microsoft", "product": "windows_10_1507", "versions": [{"status": "affected", "version": "10.0.10240.0", "lessThan": "10.0.10240.20947", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*"], "vendor": "microsoft", "product": "windows_10_1607", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.7876", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*"], "vendor": "microsoft", "product": "windows_10_1809", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.7009", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*"], "vendor": "microsoft", "product": "windows_10_21h2", "versions": [{"status": "affected", "version": "10.0.19044.0", "lessThan": "10.0.19044.5608", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*"], "vendor": "microsoft", "product": "windows_10_22h2", "versions": [{"status": "affected", "version": "10.0.19045.0", "lessThan": "10.0.19045.5608", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*"], "vendor": "microsoft", "product": "windows_11_22h2", "versions": [{"status": "affected", "version": "10.0.22621.0", "lessThan": "10.0.22621.5039", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*"], "vendor": "microsoft", "product": "windows_11_23h2", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.5039", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*"], "vendor": "microsoft", "product": "windows_11_24h2", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.3403", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*"], "vendor": "microsoft", "product": "windows_server_2008", "versions": [{"status": "affected", "version": "6.1.7601"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2012", "versions": [{"status": "affected", "version": "6.2.9200"}, {"status": "affected", "version": "6.3.9600"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2016", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.7876", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2019", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.7009", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2022", "versions": [{"status": "affected", "version": "10.0.20348.0", "lessThan": "10.0.20348.3270", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2022_23h2", "versions": [{"status": "affected", "version": "10.0.25398.0", "lessThan": "10.0.25398.1486", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2025", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.3403", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.vicarius.io/vsociety/posts/cve-2025-24054-spoofing-vulnerability-in-windows-ntlm-by-microsoft-detection-script", "tags": ["exploit", "third-party-advisory"]}, {"url": "https://www.exploit-db.com/exploits/52478", "tags": ["exploit", "third-party-advisory", "vdb-entry"]}, {"url": "https://www.exploit-db.com/exploits/52480", "tags": ["exploit", "third-party-advisory", "vdb-entry"]}, {"url": "http://seclists.org/fulldisclosure/2025/Apr/28", "tags": ["mailing-list"]}, {"url": "https://www.vicarius.io/vsociety/posts/cve-2025-24054-spoofing-vulnerability-in-windows-ntlm-by-microsoft-mitigation-script", "tags": ["mitigation", "third-party-advisory"]}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054", "tags": ["vendor-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24054", "tags": ["x_us-government-resource"]}], "descriptions": [{"lang": "en", "value": "External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network."}, {"lang": "es", "value": "El control externo del nombre o la ruta de archivo en Windows NTLM permite que un atacante no autorizado realice suplantación de identidad a través de una red."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-73", "description": "CWE-73"}]}], "x_remediations": {"windows": [{"type": "update", "anyOf": ["KB5053594", "KB5055521", "KB5058383", "KB5058921", "KB5061010", "KB5062560", "KB5063871", "KB5065427", "KB5066836", "KB5068864", "KB5070882", "KB5071543", "KB5073722", "KB5074974", "KB5075999", "KB5078938"], "products": ["Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053596", "KB5055519", "KB5058392", "KB5058922", "KB5059091", "KB5060531", "KB5061978", "KB5062557", "KB5063877", "KB5065428", "KB5066187", "KB5066586", "KB5068791", "KB5070883", "KB5071544", "KB5073723", "KB5074975", "KB5075904", "KB5077795", "KB5078131", "KB5078752"], "products": ["Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053598", "KB5053656", "KB5055523", "KB5055627", "KB5058411", "KB5058499", "KB5059087", "KB5060829", "KB5060842", "KB5061977", "KB5062553", "KB5062660", "KB5063060", "KB5063878", "KB5064081", "KB5064489", "KB5065426", "KB5065789", "KB5066835", "KB5067036", "KB5068221", "KB5068861", "KB5070311", "KB5070773", "KB5070881", "KB5072033", "KB5072359", "KB5073379", "KB5074105", "KB5074109", "KB5075899", "KB5077181", "KB5077241", "KB5077744", "KB5077793", "KB5078127", "KB5078135", "KB5078740", "KB5079391", "KB5079473", "KB5085516", "KB5086672"], "products": ["Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems", "Windows Server 2025", "Windows Server 2025 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053599", "KB5055527", "KB5058384", "KB5060118", "KB5062570", "KB5063774", "KB5063899", "KB5065425", "KB5066780", "KB5068779", "KB5070879", "KB5071542", "KB5073450", "KB5075897", "KB5077792", "KB5078133", "KB5078734"], "products": ["Windows Server 2022, 23H2 Edition (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053602", "KB5053657", "KB5055528", "KB5055629", "KB5058405", "KB5058502", "KB5058919", "KB5060826", "KB5060999", "KB5062170", "KB5062552", "KB5062663", "KB5063875", "KB5064080", "KB5065431", "KB5065790", "KB5066189", "KB5066793", "KB5067112", "KB5068865", "KB5070312", "KB5071417", "KB5073455", "KB5075941", "KB5077797", "KB5078132", "KB5078883"], "products": ["Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems"]}, {"type": "update", "anyOf": ["KB5053603", "KB5055526", "KB5058385", "KB5058920", "KB5059092", "KB5060526", "KB5061906", "KB5062572", "KB5063880", "KB5065432", "KB5066782", "KB5068787", "KB5070884", "KB5071547", "KB5073457", "KB5075906", "KB5077800", "KB5078136", "KB5078766", "KB5082314"], "products": ["Windows Server 2022", "Windows Server 2022 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053606", "KB5053643", "KB5055518", "KB5055612", "KB5058379", "KB5058481", "KB5060533", "KB5061087", "KB5061768", "KB5061979", "KB5062554", "KB5062649", "KB5063159", "KB5063709", "KB5063842", "KB5065429", "KB5066188", "KB5066198", "KB5066791", "KB5068781", "KB5071546", "KB5073724", "KB5074976", "KB5075912", "KB5077796", "KB5078129", "KB5078885"], "products": ["Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems"]}, {"type": "update", "anyOf": ["KB5053618", "KB5055547", "KB5058387", "KB5060998", "KB5062561", "KB5063889", "KB5065430", "KB5066837"], "products": ["Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems"]}, {"type": "update", "anyOf": ["KB5053620", "KB5055561", "KB5058430", "KB5061078", "KB5061196", "KB5062632", "KB5063947", "KB5065468", "KB5066872", "KB5068904", "KB5071501", "KB5073695"], "products": ["Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053627"], "products": ["Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053636"], "products": ["Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems", "Windows Server 2025", "Windows Server 2025 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053638"], "products": ["Windows Server 2022", "Windows Server 2022 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053886", "KB5055581", "KB5058451", "KB5061059", "KB5062592", "KB5063906", "KB5065509", "KB5066875", "KB5068907", "KB5070887", "KB5071505", "KB5073698", "KB5075971", "KB5078775"], "products": ["Windows Server 2012", "Windows Server 2012 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5053887", "KB5055557", "KB5058403", "KB5061018", "KB5062597", "KB5063950", "KB5065507", "KB5066873", "KB5068905", "KB5070886", "KB5071503", "KB5073696", "KB5075970", "KB5078774"], "products": ["Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)"]}]}, "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2025-03-11T17:16:27Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-24054", "state": "PUBLISHED", "dateUpdated": "2026-02-13T21:25:23Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-03-11T17:16:27Z", "assignerShortName": "microsoft"}, "dataVersion": "5.0"}