CVE-2025-21293

Published Jan 14, 2025

Last updated a year ago

CVSS high 8.8
Active Directory

Overview

Description
Active Directory Domain Services Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed
Products
windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-284
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. ⚠️Vulnerabilidad en Windows Server ❗CVE-2025-21293 ➡️Más info: https://t.co/FQ0Eyw9UGQ https://t.co/Sni8i6b1M7

    @CERTpy

    19 Sept 2025

    112 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. New AD DS Vulnerability (CVE-2025-21293) Could Hand Hackers the Keys to the Entire ... https://t.co/WIisPln0jE #computerforensics

    @compu4n6

    12 Sept 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-21293 Active Directory Domain Services Elevation of Privilege Vulnerability https://t.co/IX5QzEkS6j #cybersecurity #SecQube

    @SecQube

    11 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Microsoft has confirmed a critical vulnerability (CVE-2025-21293) in Active Directory Domain Services that allows attackers with initial access to escalate privileges and take full control of domain controllers. #Security . #Cybersecurity #ActiveDirectory #CVE202521293 https://t.

    @hisnaksa

    11 Sept 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. A single stolen credential could be enough to hijack your entire Active Directory. CVE-2025-21293 lets attackers escalate straight to SYSTEM. Have you patched yet? Read more: https://t.co/L58ZdUURja #CVE #Microsoft #ActiveDirectory #Cybersecurity #infosec #VulnerabilityReport

    @rewterz

    11 Sept 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🛡️ Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges Read more: https://t.co/DxWD8fGs4r Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw

    @The_Cyber_News

    11 Sept 2025

    1427 Impressions

    9 Retweets

    20 Likes

    11 Bookmarks

    1 Reply

    0 Quotes

  7. 💻 Elevation of Privilege via Network Configuration Operators (CVE-2025-21293) This article discusses a vulnerability in Active Directory (CVE-2025-21293) related to the Network Configuration Operators group, which has excessive permissions to create subkeys in the registry fo

    @HackingTeam777

    27 Apr 2025

    243 Impressions

    0 Retweets

    0 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  8. ''Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293)'' #infosec #pentest #redteam #blueteam https://t.co/UOj9324JpJ

    @CyberWarship

    18 Apr 2025

    2034 Impressions

    17 Retweets

    46 Likes

    21 Bookmarks

    0 Replies

    0 Quotes

  9. Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293) - A tale of mediocracy https://t.co/7v0BGATQcX

    @pentest_swissky

    8 Apr 2025

    15454 Impressions

    47 Retweets

    144 Likes

    67 Bookmarks

    1 Reply

    2 Quotes

  10. ⚠️ Vulnerability Alert: Active Directory Domain Services Elevation of Privilege Vulnerability 📅 Timeline: Disclosure: 2025-01-14, Patch: 2025-01-14 🆔 CVE ID: CVE-2025-21293 📊 Base Score: 8.8 📏 CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 🔴 CVSS

    @syedaquib77

    2 Apr 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. ⚠️ Vulnerability Alert: Active Directory Domain Services Elevation of Privilege Vulnerability 📅 Timeline: Disclosure: 2025-01-14, Patch: 2025-01-14 🆔 CVE ID: CVE-2025-21293 📊 Base Score: 8.8 📏 CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 🔴 CVSS

    @syedaquib77

    2 Apr 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 CVE-2025-21293 Active Directory Privilege Escalation PoC Released! 🚨 Microsoft has patched it, but are you protected? Read more! ⬇ 📖 https://t.co/wg1McwbTnL #CyberSecurity #Infosec #ActiveDirectory #Microsoft #PrivilegeEscalation #EthicalHacking #RedTeamPentesting

    @LelloAttieh

    21 Mar 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Privilege Escalation in Active Directory Domain Services: CVE-2025-21293 Exploit Revealed with PoC Code #PrivilegeEscalation #ActiveDirectory #CVE2025 #PoCCode #MicrosoftPatch https://t.co/ibFcB2PXcZ

    @reverseame

    7 Mar 2025

    4368 Impressions

    33 Retweets

    108 Likes

    43 Bookmarks

    0 Replies

    0 Quotes

  14. #Vulnerability #ActiveDirectoryDomainServices Privilege Escalation in Active Directory Domain Services: CVE-2025-21293 Exploit Revealed with PoC Code https://t.co/uJMCkd9JCX

    @Komodosec

    2 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Privilege Escalation in Active Directory Domain Services: CVE-2025-21293 Exploit Revealed with PoC Code https://t.co/cGy4Lgt3wI

    @Info2sec_Torii

    10 Feb 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. شناسایی کد PoC برای CVE-2025-21293 در سرویس دامنه اکتیو دایرکتوری #Cyber_Security_News #اخبار_امنیت_سایبری #CVE_2025_21293 #Active_Directory https://t.co/rXBgQoJhok

    @vulnerbyte

    9 Feb 2025

    9 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2025-21293 kritiği üzerine düşünüyorum: Network Configuration Operators grubuna verilen fazla izinler ciddi bir sorun yaratıyor mu diye merak ediyorum.

    @adirabilisim

    6 Feb 2025

    39 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  18. 📢 CiberSeguridad en menos de 5 minutos 🔴 Windows 11 rompe técnicas clásicas de malware: Cambios en el cargador de procesos bloquean Process Hollowing (RunPE), obligando a atacantes a buscar nuevas técnicas. 🛑 Active Directory en riesgo: Se publica exploit para CVE-2025-21293,

    @Seifreed

    5 Feb 2025

    7154 Impressions

    21 Retweets

    188 Likes

    68 Bookmarks

    2 Replies

    1 Quote

  19. ⚠️ PoC exploit released for CVE-2025-21293! ⚠️ A critical privilege escalation vulnerability in Active Directory Domain Services allows attackers to gain SYSTEM-level access. Immediate patching is advised! 🔗 Read more: https://t.co/RInw98C4iX #CyberSecurity #Infosec… https://

    @arunpratap786

    4 Feb 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. A critical vulnerability (CVE-2025-21293) in Active Directory could allow privilege escalation to SYSTEM. Discovered by Sebastian Sadeq Birke, organizations should apply the security patch ASAP. 🔒 #ActiveDirectory #Vulnerability #Germany link: https://t.co/aXjAzWl0XL https://t.

    @TweetThreatNews

    4 Feb 2025

    86 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  21. PoC exploit has been released for CVE-2025-21293, a privilege escalation vulnerability in Active Directory Domain Services providing attackers with system-level privileges on affected environments. https://t.co/zOyivvoIrP

    @SOC_Prime

    4 Feb 2025

    192 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. Active Directory Domain Servicesの特権昇格脆弱性「CVE-2025-21293」が公開され、PoCコードも確認された。この脆弱性は「Network Configuration Operators」グループの過剰な権限設定が原因で、攻撃者はSYSTEM権限を取得可能。 https://t.co/dEPF3iQiS4

    @01ra66it

    4 Feb 2025

    1697 Impressions

    4 Retweets

    38 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  23. Privilege Escalation in Active Directory Domain Services: CVE-2025-21293 Exploit Revealed with PoC Code https://t.co/Pa6sgy5j0N

    @Dinosn

    4 Feb 2025

    12626 Impressions

    87 Retweets

    271 Likes

    126 Bookmarks

    0 Replies

    0 Quotes

  24. #exploit 1. CVE-2024-57514: XSS in TP-Link A20 v3 Router - https://t.co/HA0f0sLlHa 2. CVE-2025-21293: AD Domain Services EoP - https://t.co/AwLqPE5vYQ 3. CVE-2025-24118: macOS XNU kernel vulnerability - https://t.co/igtmkN1Gac 4. CVE-2024-8381: SpiderMonkey Interpreter Type… h

    @ksg93rd

    3 Feb 2025

    244 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293) CVSS 8.8 Microsoft has released a crucial security patch to address CVE-2025-21293 in Jan 2025 patch Tuesday. This vulnerability was discovered by Sebastian Birke from ReTest Security during a

    @RedHatPentester

    3 Feb 2025

    1431 Impressions

    11 Retweets

    47 Likes

    11 Bookmarks

    0 Replies

    0 Quotes

  26. Top 5 Trending CVEs: 1 - CVE-2024-56529 2 - CVE-2025-0950 3 - CVE-2025-24118 4 - CVE-2025-21293 5 - CVE-2024-43707 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    3 Feb 2025

    21 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  27. 🚨Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293) CVSS 8.8 I have added a custom DefenderXDR detection for this vulnerability for SecOps monitoring until infrastructure team able to patch this CVE. 🫡 https://t.co/AEjNrbHtii

    @0x534c

    2 Feb 2025

    14780 Impressions

    33 Retweets

    190 Likes

    217 Bookmarks

    2 Replies

    0 Quotes

  28. Top 5 Trending CVEs: 1 - CVE-2025-21298 2 - CVE-2025-24118 3 - CVE-2024-57727 4 - CVE-2025-24883 5 - CVE-2025-21293 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    1 Feb 2025

    120 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293) via @itm4n #infosec https://t.co/ppV6SnvihL

    @dacbarbos

    31 Jan 2025

    543 Impressions

    3 Retweets

    3 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Microsoft Windows Improper Privilege Management VulnerabilityCVE-2026-21533
  2. Microsoft Windows NULL Pointer Dereference VulnerabilityCVE-2026-21525
  3. Microsoft Windows Type Confusion VulnerabilityCVE-2026-21519
  4. Microsoft MSHTML Framework Protection Mechanism Failure VulnerabilityCVE-2026-21513
  5. Microsoft Windows Shell Protection Mechanism Failure VulnerabilityCVE-2026-21510

References

Sources include official advisories and independent security research.