CVE-2025-24054
Published Mar 11, 2025
Last updated a month ago
- Description
- External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
Data from CISA
- Vulnerability name
- Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
- Exploit added on
- Apr 17, 2025
- Exploit action due
- May 8, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-73
- Hype score
- Not currently trending
Windows 10/11 NTLM Hash Disclosure Spoofing (CVE-2025-24054) 🛜 Read More @ https://t.co/Z4GSBkFYwi
@Roguevaultnews
16 Feb 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24054 PoC creates .library-ms files in ZIPs that trigger NTLM hash disclosure when opened in Windows Explorer. https://t.co/Mepkk0MjhN #Cybersecurity #CVE #NTLM #WindowsSecurity #HashLeak #Spoofing #RedTeam #ExploitPoC #ThreatIntel #RelayAttack https://t.co/LUfnERQRE5
@redsecuretech
11 Feb 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24054 PoC generates .library-ms files that trigger NTLM hash disclosure when opened in Windows Explorer. https://t.co/FSgMDgPtTd #Cybersecurity #CVE202524054 #NTLM #WindowsSecurity #HashDisclosure #RedTeam #ExploitPoC #ThreatIntel #PrivilegeEscalation #RelayAttack http
@redsecuretech
10 Feb 2026
43 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨تحلیل کامل CVE-2025-24054 | افشای هش #NTLM در ویندوز. با دستکاری مسیرهای UNC و تعامل حداقلی کاربر، هش NTLMv2 افشا میشود. PoC عمومی، KEV CISA و پچ شده در مارس 2025. #CVE #WindowsSecurity
@vulnerbyte
17 Dec 2025
85 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-24071 // CVE-2025-24054: PoC for NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File Write-up: https://t.co/tl3nepqqG7 GitHub: https://t.co/jnVDvYMGvE https://t.co/aZBi5lPEQK
@DarkWebInformer
16 Oct 2025
15342 Impressions
65 Retweets
359 Likes
183 Bookmarks
4 Replies
0 Quotes
Fluffy from @hackthebox_eu is a nice AD / ADCS box with CVE-2025-24071/CVE-2025-24054 to get a NetNTLMv2, and then pivot using BloodHound to get access to a user who can exploit ESC16 in the ADCS environment. https://t.co/aAMY0EJvXD
@0xdf_
20 Sept 2025
4086 Impressions
16 Retweets
96 Likes
32 Bookmarks
0 Replies
0 Quotes
POC for CVE-2025-50154, a zero day vulnerability on windows file explorer disclosing NTLMv2-SSP without user interaction. It is a bypass for the CVE-2025-24054 Security Patch
@Jeyso215
8 Sept 2025
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔴 Cyber Security Alert 🚨 Important security news alert: CVE-2025-24054 indicates NTLM Exploit in the wild. Protect your network integrity from potential threats. Stay informed at https://t.co/SfN3vvD492. #CyberSecurity #NTLMExploit #NetworkSecurity
@ScureInfosec
5 Sept 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Find the POC for my new finding, CVE-2025-50154, a zero day vulnerability on windows file explorer disclosing NTLMv2-SSP without user interaction. It is a bypass for the CVE-2025-24054 Security Patch. https://t.co/JKA8zuyYnl
@RubenLabs
13 Aug 2025
1822 Impressions
17 Retweets
24 Likes
6 Bookmarks
1 Reply
0 Quotes
A newly identified zero-click NTLM credential leak exploit is bypassing the Microsoft patch designed for CVE-2025-24054, indicating a persistent challenge in securing digital systems against advanced cyber threats.
@complainthub_in
13 Aug 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
My team has found another CVE! This time on windows, it’s a NTLM credential leakage vulnerability that bypasses Microsoft’s patch for CVE-2025-24054 https://t.co/qr8HV9djx0
@IKalendarov
12 Aug 2025
373 Impressions
2 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-24054 Under Active Attack: Stealing NTLM Credentials during File download #technewsy #technews #CybersecurityNews https://t.co/kZrBuXgSSh
@technewsy_in
23 Jun 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
7 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
1 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
27 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
26 May 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
24 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
22 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
20 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/UA15zWuzHN https://t.co/9QdEeax1VS
@jamesboykin11
9 May 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
8 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/Z3QAy2UuNT https://t.co/8pCgTslhco
@SirajD_Official
5 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
4 May 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CIA's Abuse of #Windows library-ms Files and How to Mitigate #CVE-2025-24054 https://t.co/i7bGeLkmBe Educational Purposes!
@UndercodeUpdate
4 May 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24054 - NTLM vulnerability exploited in the wild https://t.co/I74VwiSQOy https://t.co/B999N5f7yO
@scandaletti
30 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
29 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability (CVE-2025-24054) #CVE202524054 #Microsoft #MicrosoftWindows #NTLM https://t.co/W8vA8xiUG5 https://t.co/j2aDbAJSCt
@SystemTek_UK
29 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
27 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔒 Microsoft’s “less likely” vulnerability CVE-2025-24054 just got a wake-up call! Turns out, hash leaks are the new party crashers in NTLM. Patch up, folks! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/xGHYsgk0ic
@windowsforum
27 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Just when you thought it was safe to patch! The NTLM vulnerability (CVE-2025-24054) went from "meh" to "oh no!" faster than you can say 'Windows Update.' Stay alert, folks! #WindowsForum #Cybersecurity #PatchTuesday https://t.co/Gdbj1euyIf
@windowsforum
27 Apr 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Just 8 days post-Patch Tuesday, a critical NTLM vulnerability (CVE-2025-24054) is causing chaos in Poland & Romania! Looks like Microsoft’s "fix" needs a fix! Stay alert! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/CzciclwzO8
@windowsforum
27 Apr 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Just when you thought it was safe to patch, CVE-2025-24054 shows up like an uninvited guest, letting attackers pass-the-hash with ease! Time to double-check those NTLM settings! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/EyJHgdTz4K
@windowsforum
27 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Patch alert! Microsoft’s latest fix for the NTLM vulnerability (CVE-2025-24054) turned from “meh” to “oh no!” faster than you can say “update required.” Stay safe, folks—don’t let your system be the next target! #WindowsForum #SecurityUpdate #PatchTue… ht
@windowsforum
27 Apr 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Patch Tuesday just got spicy! What started as a routine update turned into a cybersecurity thriller with CVE-2025-24054—an NTLM flaw that’s now on attackers' wish lists. Stay safe out there! #WindowsForum #PatchTuesday #Cybersecurity https://t.co/jFhGqS10Ws
@windowsforum
27 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Microsoft thought CVE-2025-24054 was a wallflower, but hackers turned it into the life of the party! Watch out, NTLM—this vulnerability is making waves in Poland and Romania! #WindowsForum #CyberSecurity #PatchTuesday https://t.co/ZuF64gdtNR
@windowsforum
27 Apr 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ March 11, 2025, brought a "less likely" bug that turned into a hacker's dream! CVE-2025-24054 is leaking NTLM hashes faster than you can say "patch it up!" Stay safe out there! #PatchTuesday #WindowsForum #CyberSecurity https://t.co/Uf035Gm6eN
@windowsforum
27 Apr 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
26 Apr 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Credits for CVE-2025-24054 have now been corrected thank you @msftsecresponse #CVE-2025-24054
@hyp3rlinx
25 Apr 2025
2394 Impressions
2 Retweets
19 Likes
2 Bookmarks
2 Replies
0 Quotes
Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks. Learn more: https://t.co/cz7ZuKOAmI #phishing #attacks #windows
@thehlayer
25 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Windows users: CVE-2025-24054 is being actively exploited! Just viewing a malicious file can leak your credentials—no clicks needed. Find out how to protect your network now before it’s too late! 🔒 #CyberSecurityAlert https://t.co/pSWhsNhS5H
@cheinyeanlim
25 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We added the following vulnerabilities to our feed: - UNDISCLOSED: Microsoft Management Console - CVE-2025-24054: Windows File Explorer NTLM Leak - CVE-2025-24985: Windows FAT DoS - CVE-2023-36205: Zemana AntiMalware LPE - CVE-2021-21551: Dell Driver LPE https://t.co/iKW6swSCtZ
@crowdfense
24 Apr 2025
2079 Impressions
6 Retweets
14 Likes
8 Bookmarks
0 Replies
0 Quotes
In this week’s episode of “The Weekly Purple Team,” we deep-dive into CVE-2025-24054, which can be exploited by unzipping or touching a library-ms file. Threat actors have actively used this exploit, which is pretty novel. Check it out! https://t.co/1LiKwM1LbR
@BriPwn
24 Apr 2025
357 Impressions
2 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
24 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ALERTA DE SEGURIDAD CRÍTICA en Windows! Robo de Credenciales NTLM 'Zero-Click' CVE-2025-24054 Explicada: Esta falla permite la captura silenciosa de hashes NTLMv2 cuando un usuario simplemente descarga un archivo malicioso que referencia un recurso remoto. https://t.co/XOfQzYA2u
@AlexCalvillo_SI
22 Apr 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24054
@transilienceai
22 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
【悲報】マイクロソフトさんが「悪用の可能性は低い」とした脆弱性、開示から8日で悪用されてしまう。NTLMハッシュ漏洩の脆弱性CVE-2025-24054。Check Point社報告。Dropboxでホストされた悪性.library-ms入りZIPがフィッシングメールで使用された。 https://t.co/GLxRAOanbn
@__kokumoto
22 Apr 2025
6528 Impressions
55 Retweets
127 Likes
34 Bookmarks
0 Replies
2 Quotes
🛑 Windows : cet exploit NTLM est utilisé pour cibler entreprises et gouvernements 🔎 L'exploitation de la CVE-2025-24054 repose sur l'utilisation de fichiers .library-ms malveillants 👉 Plus d'infos : https://t.co/peTQcPvqp2 #phishing #windows #infosec https://t.co/peTQcPvqp2
@ITConnect_fr
22 Apr 2025
92 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’un NTLM Açığı (CVE-2025-24054)! Aktif Olarak İstismar Ediliyor https://t.co/yLKjqtOQxS https://t.co/VGJifHtmlU
@cozumpark
22 Apr 2025
186 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
@Microsoft said initially a low vulnerability CVE-2025-24054 , #hackers see this as a major vulnerability; NTLM Hash spoofing https://t.co/ezJSGgQepx
@PeterJopling
22 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025 Bug Bounties! Hunt: CVE-2025-30406: Gladinet key CVE-2025-29824: Windows EoP CVE-2025-24054: NTLM theft CVE-2025-24813: Tomcat bug CVE-2025-32433: SSH RCE Burp, Amass. Big bounties! Get Bug Bounty Guide 2025! #BugBounty #VulnHunting2025 https://t.co/tin4q4LnYa
@Viper_Droidd
21 Apr 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "6997DE6E-CBAD-4690-A68C-8F10E477DCC2",
"versionEndExcluding": "10.0.10240.20947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "3CBCF6D9-5085-473C-82F5-98BC246A9C4C",
"versionEndExcluding": "10.0.10240.20947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "0CF0E174-4692-4AA3-B72E-12E73A1BDBE5",
"versionEndExcluding": "10.0.14393.7876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5",
"versionEndExcluding": "10.0.14393.7876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "67C8DCD7-90C4-431F-BD03-FDFDE170E748",
"versionEndExcluding": "10.0.17763.7009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "05169574-28AB-4E42-B3DE-710574BB1AD3",
"versionEndExcluding": "10.0.17763.7009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "714C0D5E-BE31-45AB-A729-FF55DE59F593",
"versionEndExcluding": "10.0.19044.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C8B2D45-7059-4FA0-A46C-64A171D287DA",
"versionEndExcluding": "10.0.19044.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "5569800D-B907-47CC-86D2-EC0118157916",
"versionEndExcluding": "10.0.19044.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A84E706C-3A65-4920-8F80-2A684D3CB110",
"versionEndExcluding": "10.0.19045.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "ED157557-37C1-4802-8746-B87120BA16FA",
"versionEndExcluding": "10.0.19045.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "BE8F0EF2-EED3-4791-AE26-D24D97B673D6",
"versionEndExcluding": "10.0.19045.5608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "C8949B3E-5847-42F8-A15A-D7515F0EE305",
"versionEndExcluding": "10.0.22621.5039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "84D4F97D-3BA2-4B7A-B650-5772DE49CE97",
"versionEndExcluding": "10.0.22621.5039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "82807292-1736-4453-B805-3D471BF94A35",
"versionEndExcluding": "10.0.22631.5039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "E19130AD-ECD6-4FC4-B2C8-AB058BDEF928",
"versionEndExcluding": "10.0.22631.5039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B7ADF37E-1DD3-4539-8922-1E059955FEF1",
"versionEndExcluding": "10.0.26100.3403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "E0A74D52-ABC0-4733-B892-F8688B6AEBA7",
"versionEndExcluding": "10.0.26100.3403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0",
"versionEndExcluding": "10.0.14393.7876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D271422D-A29F-4DBF-BF72-BCD90E393A5A",
"versionEndExcluding": "10.0.17763.7009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAACC9C4-DDC5-4059-AFE3-A49DB2347A86",
"versionEndExcluding": "10.0.20348.3270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92",
"versionEndExcluding": "10.0.25398.1486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C",
"versionEndExcluding": "10.0.26100.3403",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]