AI description
CVE-2025-21420 is an elevation of privilege vulnerability that exists in the Windows Disk Cleanup tool. Successful exploitation could allow an attacker to elevate their privileges to SYSTEM level. As of February 18, 2025, the CVSS v3 score is 7.8, considered High. Microsoft has addressed this vulnerability. It is recommended to apply the necessary security updates to mitigate the risk.
- Description
- Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-59
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2025-5419 2 - CVE-2025-49144 3 - CVE-2023-39910 4 - CVE-2025-21420 5 - CVE-2025-33073 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
19 Oct 2025
177 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Haha, CVE-2025-21420: Disk Cleanup Tool jadi backdoor admin gratis di Win10—mau hapus sampah desktop, eh malah dapet EoP full akses. Dari "clean my mess" ke "own my mess," PoC GitHub-ready. Blackhat tip: next time, gunain buat wipe evidence, bukan cuma folder test. Patch or
@BJORKANISM_REAL
19 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Yo, underground fam! Baru aja nge-test POC CVE-2025-21420 di Win10 VM. Disk Cleanup yang polos itu? Boom, jadi pintu belakang EoP ke SYSTEM privileges. Jalankan silent cleanup via scheduled task, hapus folder target tanpa jejak. GitHub: https://t.co/Pd43o95ydu. Patch cepet, atau
@BJORKANISM_REAL
18 Oct 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-21420: Proof of Concept for Windows Disk Cleanup Tool EoP GitHub: https://t.co/SeKy1lueZ7 https://t.co/sTVYadrH81
@DarkWebInformer
18 Oct 2025
12996 Impressions
54 Retweets
281 Likes
135 Bookmarks
2 Replies
0 Quotes
CVE-2025-21420: Windows Disk Cleanup Tool Elevation of Privilege Vulnerability https://t.co/iE4GXYEcXX… https://t.co/GQSCmKDAqi
@sirjameshackz
2 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-31200 2 - CVE-2023-50428 3 - CVE-2025-33073 4 - CVE-2025-21420 5 - CVE-2025-4275 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
15 Jun 2025
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windowsのディスククリーンアップツール(cleanmgr.exe)に特権昇格の脆弱性(CVE-2025-21420)が確認され、PoCが公開された。 これはSilentCleanupタスクの不適切なリンク解決により、攻撃者がSYSTEM権限を取得可能とな
@yousukezan
13 Jun 2025
2116 Impressions
3 Retweets
17 Likes
7 Bookmarks
0 Replies
0 Quotes
poc CVE-2025-21420 https://t.co/g4F0MIKMd7
@moiz_hehe
13 Jun 2025
3233 Impressions
13 Retweets
53 Likes
24 Bookmarks
2 Replies
0 Quotes
CVE-2025-21420: Windows Disk Cleanup Tool Elevation of Privilege Vulnerability https://t.co/9VllloC5sY https://t.co/yaRupwBJmJ
@cyber_advising
12 Jun 2025
941 Impressions
4 Retweets
12 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-21420
@transilienceai
8 Mar 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-21420
@transilienceai
3 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
برای برنامه Windows Disk Cleanup Utility یا همان (cleanmgr.exe) آسیب پذیری با کد شناسایی CVE-2025-21420 و از نوع privilege escalation منتشر شده است. این آسیب پذیری باعث اجرای کدهای مخرب با دسترسی system از طریق تکنیک DLL sideloading می گردد. https://t.co/Poz3aKY03t https://t.c
@AmirHossein_sec
26 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Reminder; a vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) patched by Microsoft (in February 2025 Patch Tuesday, CVE-2025-21420)
@ikatzsolutions
23 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CVE-2025-21420 : un PoC est dispo. Cette faille critique dans Windows permet une élévation SYSTEM via DLL sideloading. La MAJ est sortie (Patch Tuesday 02/25) : appliquez-la ASAP pour sécuriser vos systèmes ! #cybersécurité #Windows 👇 https://t.co/A2MJ2vyPgL
@_F2po_
22 Feb 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️#CVE-2025-21420: PoC available. Critical Windows flaw allows SYSTEM escalation via DLL sideloading. Patch is out (02/25 Patch Tuesday)—apply it ASAP to secure your systems! #cybersecurity #Windows 👇 https://t.co/A2MJ2vyPgL
@_F2po_
22 Feb 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21420: Windows Disk Cleanup Tool Elevation of Privilege Vulnerability https://t.co/NGVhVW1qLk
@cyber_advising
21 Feb 2025
3670 Impressions
32 Retweets
90 Likes
37 Bookmarks
0 Replies
0 Quotes
برای برنامه Windows Disk Cleanup Utility یا همان (cleanmgr.exe) آسیب پذیری با کد شناسایی CVE-2025-21420 و از نوع privilege escalation منتشر شده است. این آسیب پذیری باعث اجرای کدهای مخرب با دسترسی system از طریق تکنیک DLL sideloading می گردد. https://t.co/Poz3aKY03t https://t.
@AmirHossein_sec
21 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Windows Disk Cleanup Tool Exploit 📅 Timeline: Disclosure: 2025-02-20, Patch: 2025-02-20 📌 Attribution: 🆔cveId: CVE-2025-21420 📊baseScore: 7.8 📏cvssMetrics: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 🛠️exploitMaturity: Actively… h
@syedaquib77
20 Feb 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-21420) in Windows Disk Cleanup Tool has been exploited to gain SYSTEM privileges. Microsoft has issued a patch in February 2025. Stay updated! 🛡️💻 #WindowsUpdate #PrivilegeEscalation #USA link: https://t.co/9lFk3Y3aoR https://t.co/NhJFLWOUNe
@TweetThreatNews
20 Feb 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21420: Windows Disk Cleanup Tool Flaw Exploited to Gain SYSTEM Privileges, PoC Released https://t.co/WtnCkU5EVl
@samilaiho
20 Feb 2025
960 Impressions
5 Retweets
14 Likes
2 Bookmarks
0 Replies
1 Quote
CVE-2025-21420: Windows Disk Cleanup Tool Flaw Exploited to Gain SYSTEM Privileges, PoC Released https://t.co/1dOfVYHLOT
@Dinosn
20 Feb 2025
2569 Impressions
21 Retweets
53 Likes
16 Bookmarks
0 Replies
0 Quotes
Windowsディスククリーンアップツールの脆弱性CVE-2025-21420に対応するPoC(攻撃の概念実証コード)が公開された。2月の定例更新で修正されていたもので、DLLサイドローディングによりSYSTEM権限の奪取が可能。 https://t.co/5B6CireRrb
@__kokumoto
20 Feb 2025
1800 Impressions
10 Retweets
28 Likes
10 Bookmarks
0 Replies
1 Quote
CVE-2025-21420: Windows Disk Cleanup Tool Flaw Exploited to Gain SYSTEM Privileges, PoC Released Learn about CVE-2025-21420, a critical vulnerability in the Windows Disk Cleanup Tool that could allow SYSTEM privilege escalation https://t.co/2DkZq98yPS
@the_yellow_fall
20 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Proof of concept code #PoC released for CVE-2025-21420, an #ElevationOfPrivilege vulnerability in the #Windows Disk Cleanup Tool. Exploitation could grant attackers #SYSTEM privileges! #Patch #Patch #Patch https://t.co/NPvlUY0Ef4
@CCBalert
18 Feb 2025
260 Impressions
4 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
GitHub - Network-Sec/CVE-2025-21420-PoC: We found a way to DLL sideload with cleanmgr.exe - https://t.co/tgMU3FhoAr
@piedpiper1616
17 Feb 2025
2972 Impressions
25 Retweets
56 Likes
28 Bookmarks
0 Replies
0 Quotes
#CVE-2025-21420 #Windows #cleanmgr #privesc Currently we found only the sideload part yet, but we also noted, how *probably* the privesc works. Date of post no other public PoC was to be found - this is the first. https://t.co/p1thsKynLu
@__Br1CkeD__
17 Feb 2025
3 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-21420 Windows Disk Cleanup Tool Elevation of Privilege Vulnerability https://t.co/W69vwPiMAi
@CVEnew
11 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "8B692D57-D1F5-440E-AC28-C7633740ED6E",
"versionEndExcluding": "10.0.10240.20915"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "44723F8C-6B56-4A27-B213-E822ADC16078",
"versionEndExcluding": "10.0.10240.20915"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C91C224C-5CC9-42EF-8053-AC80EE2CC2B5",
"versionEndExcluding": "10.0.14393.7785"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "07421D08-3F88-4532-B652-36825784EFF9",
"versionEndExcluding": "10.0.14393.7785"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "B5BC47F5-150E-4D18-8CC4-356F22171D81",
"versionEndExcluding": "10.0.17763.6893"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "E448ECB4-CE46-4A29-A092-5A4D334E5535",
"versionEndExcluding": "10.0.17763.6893"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A932CBA3-651F-4BBA-968A-2D6CA7DF8506",
"versionEndExcluding": "10.0.19044.5487"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "810C8ECB-619F-447C-B352-E66F7EF5216E",
"versionEndExcluding": "10.0.19045.5487"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30AF7170-5722-4C9C-A8AD-7A9F0C5952EE",
"versionEndExcluding": "10.0.22621.4890"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FF62164-3C0C-4E7D-A8E3-F4095EBD35FF",
"versionEndIncluding": "10.0.22631.4890"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9C5B9BC-F08B-49F8-82D3-7CC6BDB68995",
"versionEndExcluding": "10.0.26100.3194"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "208FA80F-F742-473E-81D5-003DC2BFFC6C",
"versionEndExcluding": "10.0.14393.7785"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "273EE4B9-8B53-4387-98C8-EC5D2558DB82",
"versionEndExcluding": "10.0.17763.6893"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1711CDE0-4C93-40D3-91B7-DE507143A45F",
"versionEndExcluding": "10.0.20348.3207"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "FB476271-F7D2-40F9-BAFC-2DCD597BFE27",
"versionEndExcluding": "10.0.25398.1425"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C5C38103-E0F4-4302-98CE-BD8B20460004",
"versionEndExcluding": "10.0.26100.3194"
}
],
"operator": "OR"
}
]
}
]