CVE-2025-21355

Published Feb 19, 2025

Last updated a year ago

CVSS high 8.6

Overview

Description
Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
Source
secure@microsoft.com
NVD status
Analyzed
CNA Tags
exclusively-hosted-service
Products
bing

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

secure@microsoft.com
CWE-306
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2025-21355

    @transilienceai

    1 Mar 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. برای محصول Microsoft Bing آسیب پذیری با کد شناسایی CVE-2025-21355 و از نوع RCE منتشر شده است که به هکرها امکان اجرای کد به صورت ریموت را می دهد. نمره این آسیب پذیری 8.6 بوده و ماکروسافت اعلام‌ نموده که به روز رسانی لازم در این خصوص را منتشر نموده است. https://t.co/Poz3aKY03t htt

    @AmirHossein_sec

    26 Feb 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Actively exploited CVE : CVE-2025-21355

    @transilienceai

    26 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2025-21355

    @transilienceai

    24 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. Actively exploited CVE : CVE-2025-21355

    @transilienceai

    22 Feb 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. برای محصول Microsoft Bing آسیب پذیری با کد شناسایی CVE-2025-21355 و از نوع RCE منتشر شده است که به هکرها امکان اجرای کد به صورت ریموت را می دهد. نمره این آسیب پذیری 8.6 بوده و ماکروسافت اعلام‌ نموده که به روز رسانی لازم در این خصوص را منتشر نموده است. https://t.co/Poz3aKY03t htt

    @AmirHossein_sec

    21 Feb 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 CVE-2025-21355 🔴 HIGH (8.6) 🏢 Microsoft - Microsoft Bing 🏗️ N/A 🔗 https://t.co/nrFJVxCV9R #CyberCron #VulnAlert @microsoft https://t.co/FKO6ZGktLs

    @cybercronai

    21 Feb 2025

    135 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  8. 🚨 Microsoft Bing Vulnerability Allows Remote Code Execution Read more: https://t.co/DLt2OFGNoa 👉 CVE-2025-21355 originated from inadequate authentication mechanisms in a critical Bing service component. 👉 Attackers could exploit the flaw over a network to execute malicious

    @The_Cyber_News

    20 Feb 2025

    302 Impressions

    0 Retweets

    1 Like

    2 Bookmarks

    1 Reply

    0 Quotes

  9. CVE-2025-21355 Microsoft Bing Remote Code Execution Vulnerability https://t.co/E8sKSBXwUb

    @Dinosn

    20 Feb 2025

    1832 Impressions

    3 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 Microsoft has issued high-severity security updates for Bing (CVE-2025-21355) and Power Pages (CVE-2025-24989), addressing two serious flaws. One of these vulnerabilities is already being exploited in the wild. Read more: https://t.co/QDr5WQQLPr

    @TheHackersNews

    20 Feb 2025

    12323 Impressions

    60 Retweets

    105 Likes

    16 Bookmarks

    1 Reply

    2 Quotes

  11. #securityupdate #microsoft #定例外 2025. 2.19 Microsoft Bing のリモートでコードが実行される脆弱性 CVE-2025-21355 Security Vulnerability リリース日: 2025年2月19日 - マイクロソフト https://t.co/AeO5VnFTNG

    @kawn2020

    20 Feb 2025

    71 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    1 Quote

  12. ⚠️ Vulnerability Alert: Microsoft Bing Remote Code Execution Vulnerability 📅 Timeline: 📌 Attribution: 🆔cveId: CVE-2025-21355 📊baseScore: 8.6 📏cvssMetrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 🛠️exploitMaturity: Not Available 📂affectedVersions:…

    @syedaquib77

    20 Feb 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. #ريال_مدريد_مانشستر_سيتي #ซองแดงแต่งผี #EastEnders #หลิงออม #CyberSecurity https://t.co/6EWdJ

    @techaniruddh

    20 Feb 2025

    144 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  14. Microsoft Bingに遠隔コード実行の脆弱性。修正済み。CVE-2025-21355はCVSSスコア8.6で、未認証の攻撃者によるネットワーク経由のコード実行。 https://t.co/1zesz4Did7

    @__kokumoto

    20 Feb 2025

    911 Impressions

    0 Retweets

    8 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  15. 🚨CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability https://t.co/OnVhV6l6is

    @DarkWebInformer

    19 Feb 2025

    3241 Impressions

    2 Retweets

    20 Likes

    4 Bookmarks

    2 Replies

    0 Quotes

  16. [CVE-2025-21355: HIGH] Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network#cybersecurity,#vulnerability https://t.co/ef0rruBLNh https://t.co/wlTda8rAZq

    @CveFindCom

    19 Feb 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.