- Description
- Windows OLE Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-416
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
[ SOC Alert => Windows OLE Zero-Click RCE Exploitation Detected (CVE-2025-21298) ] - Severity: Critical Mais um Walkthrough de um alerta da @LetsDefendIO. vamos para o alerta: #studytech #bolhasec #BlueTeam #Cibersegurança #InfoSec https://t.co/4XcOeP011e
@0xKayky
16 Nov 2025
165 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
Alert: Windows OLE Zero-Click RCE (CVE-2025-21298) detected via malicious RTF attachment (mail.rtf, hash df993d037cdb77a435d6993a37e7750dbbb16b2df64916499845b56aa9194184). Endpoint contained; apply Jan 2025 patches. #Exploit #SecurityAU #CVE https://t.co/AsuWHMYEVD
@TweetThreatNews
8 Aug 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#letsdefend I investigated 'SOC336 - Windows OLE Zero-Click RCE Exploitation Detected (CVE-2025-21298)' incident on @LetsDefendIO
@MutadzaM
2 Jul 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CRITICAL: New Windows vulnerability CVE-2025-21298 (CVSS 9.8!) Attackers can execute remote code on Windows systems just by sending a malicious file targeting Word & Outlook. https://t.co/Z0nSb3kjBs @three_cube
@_aircorridor
8 Jun 2025
1570 Impressions
4 Retweets
19 Likes
8 Bookmarks
0 Replies
0 Quotes
I recently discovered the "PhantomRTF" campaign, which is carrying out a critical zero-day attack by targeting the Microsoft Outlook RTF file processing vulnerability (CVE-2025-21298). https://t.co/EW3I8mkZFV https://t.co/IHvurobCNi
@umidcybers
19 Apr 2025
273 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
GitHub - mr-big-leach/CVE-2025-21298 - https://t.co/h3lYn18AsS
@piedpiper1616
14 Apr 2025
1057 Impressions
5 Retweets
15 Likes
12 Bookmarks
0 Replies
0 Quotes
I just published SOC336-Windows OLE Zero-Click RCE Exploitation Detected (CVE-2025-21298) EventID https://t.co/t30Cg2zCx7 https://t.co/GYJw0xNweP
@ObiOfundem
14 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
• CVE-2025-21298 ثغره غريبه ب Microsoft Outlook تصنيفها : 9.8 ! Zero-Click تخليك تاخذ RCE 😂 اذا مهتم تقراء شركه Offsec كاتبه عنها : https://t.co/yckYLgbEre https://t.co/MIa8ckK8ol
@0x4161
13 Mar 2025
5648 Impressions
10 Retweets
121 Likes
60 Bookmarks
2 Replies
0 Quotes
NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298 https://t.co/4TGJfOb0of #pentesting #Vulnerability #CyberSecurity #infosec https://t.co/E76i6YRNCY
@ptracesecurity
9 Mar 2025
2751 Impressions
11 Retweets
36 Likes
17 Bookmarks
1 Reply
0 Quotes
NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298 #MicrosoftWindows #CriticalVulnerability #CVE2025-21298 #Cybersecurity #HackersArise https://t.co/CxDal2qL5X
@reverseame
6 Mar 2025
5534 Impressions
38 Retweets
93 Likes
43 Bookmarks
20 Replies
1 Quote
A critical zero-click RCE vulnerability (CVE-2025-21298) in Windows OLE allows attackers to execute code without user interaction. Detected via a malicious RTF file. ⚠️ #WindowsOLE #ZeroClick #USA link: https://t.co/hlwv47A5nG https://t.co/pcya50ltjy
@TweetThreatNews
2 Mar 2025
99 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I think can realize the troll store through (CVE-2025-21298) a little magic attack in ios 17.x to ios18.2rc.
@lczyyds668
26 Feb 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #CVE-2025-21298: Critical #Microsoft Outlook Vulnerability Exploited via Embedded Content https://t.co/lsHHuaiVof
@UndercodeUpdate
24 Feb 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💥 FLASH NOTICE 💥 CVE-2025-21298 is a critical zero-click vulnerability in #Windows Object Linking and Embedding (OLE) technology. #Microsoft has released patches to address this vulnerability - users are strongly advised to apply them ASAP. More: https://t.co/n5pLUO0J5r https:
@Avertium
14 Feb 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21298: Kritikus Windows OLE Zero-Click sérülékenység A modern kiberfenyegetések között a zero-click sebezhetőségek kiemelten veszélyesek, mivel minimális vagy akár nulla felhasználói interakciót igényelnek. A CVE-2025-21298 különösen kritikus, mivel egy egyszerű e-mail…
@freszferenc
9 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-23369 2 - CVE-2025-23419 3 - CVE-2025-21298 4 - CVE-2024-21413 5 - CVE-2013-2678 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
9 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Another CVE SOC Alert: Windows OLE Zero-Click RCE Exploitation Detected CVE: CVE-2025-21298 Type: Malware Difficulty: Medium Event ID: 314 https://t.co/vwe2FCwf5p
@LetsDefendIO
8 Feb 2025
2544 Impressions
3 Retweets
34 Likes
9 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-21298: Windows OLE Double Free Vulnerability https://t.co/trGbpfViGu Hello. Today's one-line issue is CVE-2025-21298 which is Windows OLE Double Free vulnerability. The pstmContents used in the UtOlePresStmToContentsStm function of ole32.dll were released…
@hackyboiz
8 Feb 2025
4012 Impressions
25 Retweets
63 Likes
35 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-21298: Windows OLE Double Free Vulnerability Hello. Today's one-line issue is CVE-2025-21298 which is Windows OLE Double Free vulnerability. The pstmContents used in the UtOlePresStmToContentsStm function of ole32.dll were released twice, causing Double… ht
@hackyboiz
8 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Micropatches Released for Windows OLE Remote Code Execution (CVE-2025-21298) https://t.co/QTSrBHyMG4 https://t.co/Ays6R4vFXv
@0patch
7 Feb 2025
550 Impressions
4 Retweets
7 Likes
0 Bookmarks
1 Reply
1 Quote
CVE-2025-21298 is a no-click, high-risk vulnerability in Windows. Malicious RTF files can execute code remotely just by being previewed in Outlook. Get the full details and mitigation steps: https://t.co/lMXGHFuq49 #windows #Vulnerability #ZeroClick #RemoteCodeExecution https:
@GeekFeedNet
5 Feb 2025
53 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
In January 2025, a critical security vulnerability identified as CVE-2025-21298 was disclosed, affecting Windows Object Linking and Embedding (OLE) technology. This vulnerability, with a CVSS score of 9.8, allows for remote code execution (RCE) through specially crafted… https
@y1659rsgh
3 Feb 2025
7 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-21298 is a no-click, high-risk vulnerability in Windows. Malicious RTF files can execute code remotely just by being previewed in Outlook. Get the full details and mitigation steps: https://t.co/3HQncnbEiP
@offsectraining
3 Feb 2025
64341 Impressions
260 Retweets
826 Likes
400 Bookmarks
7 Replies
10 Quotes
🔒 Discover #CVE-2025-21298, a critical flaw affecting Windows! 🚨 Protect your systems now with these 3 simple steps. #Exploit avaliable #CyberSecurity #Windows #InformationSecurity https://t.co/dsrhA6ndn6
@_F2po_
1 Feb 2025
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Découvrez la CVE-2025-21298, une faille critique touchant Windows ! 🚨 Protégez vos systèmes maintenant avec ces 3 étapes simples. #CyberSécurité #Windows #SécuritéInformatique https://t.co/95qenH7Q09
@_F2po_
1 Feb 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-21298 2 - CVE-2025-24118 3 - CVE-2024-57727 4 - CVE-2025-24883 5 - CVE-2025-21293 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
1 Feb 2025
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - ynwarcs/CVE-2025-21298: Proof of concept & details for CVE-2025-21298 - https://t.co/hlMXdSIRNJ
@piedpiper1616
1 Feb 2025
822 Impressions
5 Retweets
13 Likes
6 Bookmarks
0 Replies
0 Quotes
NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298
@StreetWalker212
1 Feb 2025
263 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NEW! No-Click, Critical Vulnerability in Windows! CVE-2025-21298 Learn more here! https://t.co/zCAuGWv7s1 https://t.co/ShgVPN7KBp
@three_cube
31 Jan 2025
8869 Impressions
22 Retweets
102 Likes
23 Bookmarks
3 Replies
2 Quotes
به تازگی آسیب پذیری جدید برای Object Linking and Embedding (OLE) در ویندوز با کد شناسایی CVE-2025-21298 منتشر شده است. این آسیب پذیری از نوع RCE بوده و بسیار خطرناک می باشد چرا که نیازی به اجرای یک فایل یا کلیک کردن روی یک لینک نیست. https://t.co/Poz3aKY03t https://t.co/Hu3lA7L1
@AmirHossein_sec
30 Jan 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Viewing RTF documents regularly in Microsoft Word or Outlook? CVE-2025-21298 allows attackers to execute code and compromise systems with minimal user interaction. More on this and 4️⃣ other vulns in The Bug Report. https://t.co/sfgB5pUvCz https://t.co/HUZRl393KP
@TrellixARC
30 Jan 2025
238 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ OLE objects embedded within RTF files are suspicious. ⚠️ 🤔 🚨 But if the context is an email containing an attached RTF with an OLE object, it may be trying to exploit CVE-2025-21298! 🚨☠️ https://t.co/mIf3aFivVl #exploit #RCE #maldoc #CVE https://t.co/cNbBnyyVAT
@filescan_itsec
29 Jan 2025
309 Impressions
2 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Breaking: Critical Zero-Click RCE Vulnerability Discovered in Outlook (CVE-2025-21298) 🚨 A newly uncovered zero-click remote code execution (RCE) vulnerability in Microsoft Outlook could allow attackers to execute malicious code without any user interaction. This means… http
@IntCyberDigest
28 Jan 2025
2149 Impressions
3 Retweets
21 Likes
8 Bookmarks
3 Replies
0 Quotes
CVE-2025-21298: Vulnerabilidad Crítica en Windows OLE que Amenaza la Seguridad de Outlook https://t.co/raiTezuvsm
@Error400cl
27 Jan 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
APT Groups in action again, started to Exploit CVE-2025-21298 by Botnet and C2-Operation IP: 185.199.109.133 MD5: 9d68678aeee52684bbe3c983222b1da3 Malware found linked IP are: CobaltStrike, Blackmoon, Mimikatz, njRAT, QuasarRAT, RedLineStealer, Lumma, and TFRv2 and v1. https://
@byt3n33dl3
27 Jan 2025
184 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
1 Quote
Detectada vulnerabilidad crítica en Microsoft (CVE-2025-21298). Este fallo en la tecnología OLE de Windows permite la ejecución remota de código (RCE) sin interacción del usuario, afectando a múltiples versiones de Windows. Más detalles aquí: https://t.co/8gnhJ9ihGy https://t.co/
@s2grupo
27 Jan 2025
124 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability! A critical vulnerability in Windows Object Linking and Embedding (OLE) technology, which enables remote code execution (RCE) with a CVSS severity score of 9.8. Read more: https://t.co/vTN6RWA74m #cve #rce #windows
@0xKrat0s
27 Jan 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-23006 2 - CVE-2024-50050 3 - CVE-2024-43468 4 - CVE-2025-0282 5 - CVE-2025-21298 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
27 Jan 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💡Chinese #APT 🇨🇳 Groups started to #Exploit #CVE-2025-21298 by #Botnet C2 IP: 185.199.109.133 MD5: 9d68678aeee52684bbe3c983222b1da3 #Malware found linked IP are: #CobaltStrike, #Blackmoon, #Mimikatz, #njRAT, #QuasarRAT, #RedLineStealer #infosec #OSINT #security #china #TO
@RakeshKrish12
27 Jan 2025
5734 Impressions
26 Retweets
78 Likes
38 Bookmarks
2 Replies
0 Quotes
Outlook の Zero-Click 脆弱性 CVE-2025-21298 に注意:2025/01 の月例で対応済み https://t.co/BFZixIgjV2 メールにエンベッドされた OLE オブジェクトが関連する、Outlook の脆弱性が FIX とのことです。文中にもあるように、この脆弱性は、Patch Tuesday 2025 January で FIX… https://t.co/mFBJC4JPYa
@iototsecnews
27 Jan 2025
352 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
A critical zero-click vulnerability (CVE-2025-21298) in Windows OLE allows malicious code execution simply by previewing a harmful RTF email. Security experts urge immediate risk mitigation! ⚠️ #Microsoft #Windows #Malware link: https://t.co/ACkJEB7RtC https://t.co/5uAUxSJr5I
@TweetThreatNews
26 Jan 2025
70 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Zero-Click Outlook RCE Vulnerability (CVE-2025-21298), PoC Released https://t.co/58e31Vuh45
@PVynckier
26 Jan 2025
155 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
This is a proof-of-concept for CVE-2025-21298 - Windows OLE Remote Code Execution Vulnerability (CVSS 9.8) https://t.co/3Xd2Vu8OKN https://t.co/Kmb0P5zkVb
@secharvesterx
26 Jan 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
اکسپلویت آسیب پذیری CVE-2025-21298 در Microsoft Outlook منتشر شد! #Cyber_security_news #اخبار_امنیت_سایبری #CVE_2025_21298 #Microsoft_Outlook https://t.co/hbY40TyoRn
@vulnerbyte
25 Jan 2025
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
There is a vulnerability CVE-2025-21298 every IT person needs to update your windows computers right away and it has to do with Microsoft outlook. It’s a nasty one .
@RealDrewJones
25 Jan 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
4 Replies
0 Quotes
CVE-2025-21298 Exploit Code Released #CVE-2025-21298 #Microsoft #ExploitCode https://t.co/O5we5RBBSv
@pravin_karthik
24 Jan 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-21298: Critical RCE vulnerability in Windows OLE discovered! 🛑 Attackers can execute malicious code to take control of affected systems. Don't miss out on the details & patch now! 🔒 🔗https://t.co/dJc8QcIhkE #go_to_cve #CVE #RCE #WindowsOLE #Security
@soltanali0
23 Jan 2025
264 Impressions
0 Retweets
8 Likes
0 Bookmarks
2 Replies
0 Quotes
🚨 Zero-Click Vulnerability Alert: Microsoft patched a critical zero-click RCE vulnerability in Windows OLE (CVE-2025-21298). 9.8 on CVSS and allows attackers to exploit systems with no user interaction. - Just previewing an email. Let’s break it down 🧵👇
@mattjay
23 Jan 2025
103031 Impressions
214 Retweets
981 Likes
547 Bookmarks
10 Replies
18 Quotes
A critical vulnerability (CVE-2025-21298) in Windows enables remote code execution through a malicious RTF file sent via email. It impacts Windows 10, 11, and Server, with a severity score of 9.8/10 (CVSS). #CyberSecurity #InfoSec https://t.co/KEKGrrupq9
@0x_Lady
23 Jan 2025
84 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
0 Quotes
🚨 ALERTE #CYBER 🚨 Nouvelle vulnérabilité critique dans #Microsoft Outlook. Une faille majeure, référencée CVE-2025-21298, a été découverte dans #Outlook. Plus d'infos en commentaire 👇 https://t.co/Gu9Z7J8XAg
@MgmSolutionsfr
23 Jan 2025
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
3 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5C2C390-24E9-42C9-84BF-EE28670CAB30",
"versionEndExcluding": "10.0.10240.20890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "C0B9C790-A26D-4EBD-B5CA-F0C628835A21",
"versionEndExcluding": "10.0.10240.20890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "DE0F44E5-40C1-4BE3-BBA4-507564182682",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "83F40BB6-BBAE-4CD4-A5FE-1DAF690101AB",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "1BB028F9-A802-40C7-97BF-1D169291678F",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "9F077951-8177-4FEE-A49A-76E51AE48CE0",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D64D2C7-51C3-47EB-B86E-75172846F4DF",
"versionEndExcluding": "10.0.19044.5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC92CC57-B18C-43C3-8180-9A2108407433",
"versionEndExcluding": "10.0.19045.5371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D84EDF98-16E1-412A-9879-2C2FEF87FB2B",
"versionEndExcluding": "10.0.22621.4751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "282E3839-E953-4B14-A860-DBACC1E99AFF",
"versionEndExcluding": "10.0.22631.4751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78A3F671-95DC-442A-A511-1E875DF93546",
"versionEndExcluding": "10.0.26100.2894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4426DD-B748-4CC4-AC68-88AD963E5F0C",
"versionEndExcluding": "10.0.14393.7699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F604C79-6A12-44C9-B69D-A2E323641079",
"versionEndExcluding": "10.0.17763.6775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8C9C82-359E-4318-A10D-AA47CDFB38FE",
"versionEndExcluding": "10.0.20348.3091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3E0C061-2DA7-4237-9607-F6792DC92DD3",
"versionEndExcluding": "10.0.25398.1369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "2CFD18D5-3C1F-4E3A-A143-EE3F1FFBB880",
"versionEndExcluding": "10.0.26100.2894",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]