CVE-2025-24054

Published Mar 11, 2025

Last updated 3 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-24054 is a vulnerability in Windows NTLM that involves external control of the file name or path, potentially allowing an unauthorized attacker to perform spoofing over a network. The vulnerability can be exploited using a maliciously crafted .library-ms file. Active exploitation of CVE-2025-24054 has been observed in the wild since March 19, 2025. Attackers can potentially leak NTLM hashes or user passwords, compromising systems. Exploitation can be triggered with minimal user interaction, such as right-clicking, dragging and dropping, or simply navigating to a folder containing the malicious file.

Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
Source: secure@microsoft.com
NVD status: Analyzed
Products: windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.4
Impact score: 2.5
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity: MEDIUM

Known exploits

Data from CISA

Vulnerability name: Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
Exploit added on: Apr 17, 2025
Exploit action due: May 8, 2025
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@microsoft.com: CWE-73

Social media

  1. Find the POC for my new finding, CVE-2025-50154, a zero day vulnerability on Windows File Explorer disclosing NTLMv2-SSP without user interaction. It is a bypass for the CVE-2025-24054 Security Patch. https://t.co/JKA8zuyYnl

    @RubenLabs

    13 Aug 2025

    1822 Impressions

    17 Retweets

    24 Likes

    6 Bookmarks

    1 Reply

    0 Quotes

  2. A newly identified zero-click NTLM credential leak exploit is bypassing the Microsoft patch designed for CVE-2025-24054, indicating a persistent challenge in securing digital systems against advanced cyber threats.

    @complainthub_in

    13 Aug 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. My team has found another CVE! This time on Windows, it’s an NTLM credential leakage vulnerability that bypasses Microsoft’s patch for CVE-2025-24054 https://t.co/qr8HV9djx0

    @IKalendarov

    12 Aug 2025

    373 Impressions

    2 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  4. CVE-2025-24054 Under Active Attack: Stealing NTLM Credentials during File download #technewsy #technews #CybersecurityNews https://t.co/kZrBuXgSSh

    @technewsy_in

    23 Jun 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    7 Jun 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    1 Jun 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    27 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  8. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    26 May 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    24 May 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  10. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    22 May 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    20 May 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/UA15zWuzHN https://t.co/9QdEeax1VS

    @jamesboykin11

    9 May 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    8 May 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  14. CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/Z3QAy2UuNT https://t.co/8pCgTslhco

    @SirajD_Official

    5 May 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    4 May 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  16. 🚨 CIA's Abuse of #Windows library-ms Files and How to Mitigate #CVE-2025-24054 https://t.co/i7bGeLkmBe Educational Purposes!

    @UndercodeUpdate

    4 May 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/I74VwiSQOy https://t.co/B999N5f7yO

    @scandaletti

    30 Apr 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    29 Apr 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  19. Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability (CVE-2025-24054) #CVE202524054 #Microsoft #MicrosoftWindows #NTLM https://t.co/W8vA8xiUG5 https://t.co/j2aDbAJSCt

    @SystemTek_UK

    29 Apr 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    27 Apr 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. 🔒 Microsoft’s “less likely” vulnerability CVE-2025-24054 just got a wake-up call! Turns out, hash leaks are the new party crashers in NTLM. Patch up, folks! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/xGHYsgk0ic

    @windowsforum

    27 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨 Just when you thought it was safe to patch! The NTLM vulnerability (CVE-2025-24054) went from "meh" to "oh no!" faster than you can say 'Windows Update.' Stay alert, folks! #WindowsForum #Cybersecurity #PatchTuesday https://t.co/Gdbj1euyIf

    @windowsforum

    27 Apr 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. 🚨 Just 8 days post-Patch Tuesday, a critical NTLM vulnerability (CVE-2025-24054) is causing chaos in Poland & Romania! Looks like Microsoft’s "fix" needs a fix! Stay alert! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/CzciclwzO8

    @windowsforum

    27 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 🔒 Just when you thought it was safe to patch, CVE-2025-24054 shows up like an uninvited guest, letting attackers pass-the-hash with ease! Time to double-check those NTLM settings! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/EyJHgdTz4K

    @windowsforum

    27 Apr 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 🚨 Patch alert! Microsoft’s latest fix for the NTLM vulnerability (CVE-2025-24054) turned from “meh” to “oh no!” faster than you can say “update required.” Stay safe, folks—don’t let your system be the next target! #WindowsForum #SecurityUpdate #PatchTue… ht

    @windowsforum

    27 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 🚨 Patch Tuesday just got spicy! What started as a routine update turned into a cybersecurity thriller with CVE-2025-24054—an NTLM flaw that’s now on attackers' wish lists. Stay safe out there! #WindowsForum #PatchTuesday #Cybersecurity https://t.co/jFhGqS10Ws

    @windowsforum

    27 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 🔒 Microsoft thought CVE-2025-24054 was a wallflower, but hackers turned it into the life of the party! Watch out, NTLM—this vulnerability is making waves in Poland and Romania! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/ZuF64gdtNR

    @windowsforum

    27 Apr 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 🛡️ March 11, 2025, brought a "less likely" bug that turned into a hacker's dream! CVE-2025-24054 is leaking NTLM hashes faster than you can say "patch it up!" Stay safe out there! #PatchTuesday #WindowsForum #CyberSecurity https://t.co/Uf035Gm6eN

    @windowsforum

    27 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    26 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  30. Credits for CVE-2025-24054 have now been corrected thank you @msftsecresponse #CVE-2025-24054

    @hyp3rlinx

    25 Apr 2025

    2394 Impressions

    2 Retweets

    19 Likes

    2 Bookmarks

    2 Replies

    0 Quotes

  31. Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks. Learn more: https://t.co/cz7ZuKOAmI #phishing #attacks #windows

    @thehlayer

    25 Apr 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨 Windows users: CVE-2025-24054 is being actively exploited! Just viewing a malicious file can leak your credentials—no clicks needed. Find out how to protect your network now before it’s too late! 🔒 #CyberSecurityAlert https://t.co/pSWhsNhS5H

    @cheinyeanlim

    25 Apr 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. We added the following vulnerabilities to our feed: - UNDISCLOSED: Microsoft Management Console - CVE-2025-24054: Windows File Explorer NTLM Leak - CVE-2025-24985: Windows FAT DoS - CVE-2023-36205: Zemana AntiMalware LPE - CVE-2021-21551: Dell Driver LPE https://t.co/iKW6swSCtZ

    @crowdfense

    24 Apr 2025

    2079 Impressions

    6 Retweets

    14 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  34. In this week’s episode of “The Weekly Purple Team,” we deep-dive into CVE-2025-24054, which can be exploited by unzipping or touching a library-ms file. Threat actors have actively used this exploit, which is pretty novel. Check it out! https://t.co/1LiKwM1LbR

    @BriPwn

    24 Apr 2025

    357 Impressions

    2 Retweets

    7 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  35. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    24 Apr 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  36. CRITICAL SECURITY ALERT in Windows! 'Zero-Click' NTLM Credential Theft CVE-2025-24054 Explained: This flaw allows the silent capture of NTLMv2 hashes when a user simply downloads a malicious file that references a remote resource. https://t.co/XOfQzYA2u

    @AlexCalvillo_SI

    22 Apr 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    22 Apr 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

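  38. [Sad news] A vulnerability that Microsoft rated "exploitation less likely" was exploited 8 days after disclosure. The NTLM hash leak vulnerability CVE-2025-24054. Reported by Check Point. A ZIP containing a malicious .library-ms file, hosted on Dropbox, was used in phishing emails. https://t.co/GLxRAOanbn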

    @__kokumoto

    22 Apr 2025

    6528 Impressions

    55 Retweets

    127 Likes

    34 Bookmarks

    0 Replies

    2 Quotes

  39. 🛑 Windows: this NTLM exploit is being used to target businesses and governments 🔎 Exploitation of CVE-2025-24054 relies on the use of malicious .library-ms files 👉 More info: https://t.co/peTQcPvqp2 #phishing #windows #infosec https://t.co/peTQcPvqp2

    @ITConnect_fr

    22 Apr 2025

    92 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Microsoft's NTLM Vulnerability (CVE-2025-24054)! Being Actively Exploited https://t.co/yLKjqtOQxS https://t.co/VGJifHtmlU

    @cozumpark

    22 Apr 2025

    186 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. @Microsoft said initially a low vulnerability CVE-2025-24054, #hackers see this as a major vulnerability; NTLM Hash spoofing https://t.co/ezJSGgQepx

    @PeterJopling

    22 Apr 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 2025 Bug Bounties! Hunt: CVE-2025-30406: Gladinet key CVE-2025-29824: Windows EoP CVE-2025-24054: NTLM theft CVE-2025-24813: Tomcat bug CVE-2025-32433: SSH RCE Burp, Amass. Big bounties! Get Bug Bounty Guide 2025! #BugBounty #VulnHunting2025 https://t.co/tin4q4LnYa

    @Viper_Droidd

    21 Apr 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-24054 #Microsoft #Windows NTLM Hash Disclosure Spoofing Vulnerability https://t.co/ZiNAYXy7uW

    @ScyScan

    21 Apr 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. 🚨 #NTLM exploited, again. CVE-2025-24054 shows why @Microsoft is urging a move to #Kerberos. Visuality Systems offers secure, Kerberos-ready #SMBprotocol libraries to support your transition. https://t.co/UtkY1sAVaY

    @Visuality_NQ

    21 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Actively exploited CVE : CVE-2025-24054

    @transilienceai

    21 Apr 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  46. CVE-2025-24054 is now under active attack. Threat actors are using malicious .library-ms files to steal NTLM hashes with minimal user interaction — sometimes just by downloading a file. Legacy protocols = easy targets. Patch now. #CyberSecurity #CVE202524054 https://t.co/VNSIVA4N

    @Shift6Security

    21 Apr 2025

    36 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  47. CVE-2025-24054 Under Active Attack: Stealing NTLM Credentials during File download #technewsy #technews #cybersecuritynews https://t.co/FcDwwWParT

    @RamananTechPro

    21 Apr 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. #AlertaSeguridad #AlertaInformática Windows alert: NTLM vulnerability (CVE-2025-24054) exploited for hash theft https://t.co/rHguvmkfqc

    @sinelo1968

    20 Apr 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Active attacks on CVE-2025-24054: theft of NTLM hashes during file download #Cybersecurity #Cybersecurity_News #اخبار_امنیت_سایبری #CVE_2024_43451 #CVE_2025_24054 #مایکروسافت #Microsoft #NTLM https://t.co/dVnNpRDvrL

    @vulnerbyte

    20 Apr 2025

    62 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  50. CVE-2025-24054 : Under Active Attack Steals NTLM Credentials on File Download https://t.co/F5D5gzwu5y

    @freedomhack101

    20 Apr 2025

    40 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations