AI description
CVE-2025-29824 is a use-after-free vulnerability in the Windows Common Log File System (CLFS) driver. Successful exploitation of this vulnerability allows an attacker to elevate their privileges to SYSTEM, meaning they can gain complete control over the affected system. This vulnerability has been exploited in the wild as a zero-day, meaning attackers were actively using it before a patch was available. It has been associated with ransomware attacks, where attackers use the elevated privileges to deploy ransomware. The vulnerability was addressed in Microsoft's April 2025 Patch Tuesday update.
- Description
- Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
- Exploit added on
- Apr 8, 2025
- Exploit action due
- Apr 29, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-416
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
29
🚨Playランサムウェア、Windowsの共通ログファイルシステムにおける脆弱性をゼロデイ攻撃で悪用(CVE-2025-29824) 🇪🇸欧州狙うDDoS攻撃が3月に88%増加、最大の標的はスペイン 〜サイバーアラート 5月8日〜 htt
@MachinaRecord
8 May 2025
53 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Ransomware groups exploited Windows zero-day before patch CVE-2025-29824 let attackers gain system privileges to drop malware like PipeMagic and Grixba. Patch now if you haven’t. https://t.co/RhM5iImQZc #ZeroDay #CVE202529824 #ransomware https://t.co/8GIoQCJB3R
@dCypherIO
7 May 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: Exploitation of Windows Zero-Day CVE-2025-29824 by Multiple Ransomware Groups 📅 Date: 2025-04 📆 Timeline: Initial exploitation detected prior to April 2025 patch release; ongoing ransomware activity observed through April 2025. 📍 Location: United St
@syedaquib77
7 May 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
The Play ransomware gang exploited a critical Windows zero-day flaw (CVE-2025-29824) to escalate privileges, install backdoors, and deploy malware across global sectors including finance & government. Stay aware! ⚠️ #WindowsVuln #GlobalThreats https://t.co/AKXBPRyUn7
@TweetThreatNews
7 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In early May 2025, cybersecurity researchers from Symantec's Threat Hunter Team reported that the Play ransomware group exploited a zero-day vulnerability in Microsoft Windows, identified as CVE-2025-29824, to breach a U.S.-based organization. https://t.co/7nUHUiuLur https://t.co
@CoroMSP
7 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Play ransomware actors exploited a zero-day flaw in Windows (CVE-2025-29824) for privilege escalation, targeting a U.S. org with info theft tools like Grixba disguised as Palo Alto. 🚨 Stay alert. #ZeroDay #US #Threat https://t.co/KarqWgCc3L
@TweetThreatNews
7 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization https://t.co/LoWpn9xPyO
@Dinosn
7 May 2025
2225 Impressions
7 Retweets
28 Likes
8 Bookmarks
0 Replies
1 Quote
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization https://t.co/2g83sSGvAn https://t.co/oyQ62TQepI
@talentxfactor
7 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization. Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a... https://t.co/LdsdrSfIe1 #InceptusSecure #UnderOurProtection
@Inceptus3
7 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
7 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Play #Ransomware Exploited #Windows #CVE-2025-29824 as Zero-Day to Breach U.S. Organization https://t.co/tgO53B4ONM
@ScyScan
7 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization https://t.co/iQO70ggc65
@buzz_sec
7 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Multiple threat groups exploited the Windows zero-day CVE-2025-29824 before patches, impacting organizations worldwide. Storm-2460 was linked to some attacks using malware. Stay vigilant! 🖥️ #Windows #CyberThreats #Global https://t.co/7ujQO6hotI
@TweetThreatNews
7 May 2025
33 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
📌 استغل مرتكبو هجوم رانسوموار Play ثغرة أمنية حديثة في Windows (CVE-2025-29824) كثغرة يوم الصفر لاستهداف منظمة في الولايات المتحدة. ووفقًا لفريق Symantec Threat Hunter، تم استخ
@Cybercachear
7 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📍Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization https://t.co/GQDPJJ5mGt
@cyberetweet
7 May 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A U.S. org was hit by Play ransomware using CVE-2025-29824 before it was patched. Attackers slipped in via a Cisco ASA, dropped fake Palo Alto files, stole AD data, and planted custom tools — but didn’t launch ransomware. 🔗 Read: https://t.co/6y6DsuyGrT
@TheHackersNews
7 May 2025
12206 Impressions
40 Retweets
88 Likes
18 Bookmarks
0 Replies
1 Quote
Actively exploited CVE : CVE-2025-29824
@transilienceai
5 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
4 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Storm-2460 just walked through CVE-2025-29824 like it was an open bar 🍸 PipeMagic’s doing tricks, and your EDR’s still “thinking about it” 💤 Skip the guesswork. We did the research. You just read it. 🧠 👉 https://t.co/x5v1vegasf #AlphaHunt #CyberSecurity
@alphahunt_io
2 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
2 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
New Post: Windows CLFS Zero-Day Exposed: CVE-2025-29824 Under Attack & How to Protect Yourself https://t.co/GPKwQPU2QI https://t.co/pZDJfRMbBQ
@PCRuns4U
2 May 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-29824 - Vulnerabilidad de Elevación de Privilegios en Windows CLFS 🚨 🔐 Nivel de Urgencia: Alto 📈 CVSS: 7.8 https://t.co/F2gCdfoNIV
@BanCERT_gt
1 May 2025
8 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
1 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Make sure you patch for this tweeps: CVE-2025-29824 https://t.co/RVUEU9RcIP
@UK_Daniel_Card
29 Apr 2025
4383 Impressions
15 Retweets
56 Likes
14 Bookmarks
4 Replies
1 Quote
Nueva vulnerabilidad 🚨 CVE-2025-29824 Permite a hackers tomar control total de tu PC si ya tienen acceso. Microsoft acaba de lanzar un parche https://t.co/JEf4qmOiOC
@blindma1den
29 Apr 2025
2148 Impressions
12 Retweets
64 Likes
15 Bookmarks
2 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
28 Apr 2025
39 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
2. Windows CLFS Zero-Day Açığı (CVE-2025-29824) Microsoft, Windows Common Log File System (CLFS) bileşeninde tespit edilen ve aktif olarak istismar edilen bir sıfır gün açığını (CVE-2025-29824) Nisan 2025 güvenlik güncellemeleri kapsamında yamalamıştır. Bu aç
@MuratDemirtas
28 Apr 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hey! Heads up, RansomEXX is exploiting a Windows zero-day (CVE-2025-29824) thru the CLFS driver. They're after SYSTEM-level access, and Windows 10 patches are delayed! Stay safe! https://t.co/vXKfOeqFcO
@fin_tech_news_
26 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hey, did you hear about PipeMagic? It uses a Windows zero-day (CVE-2025-29824) to get SYSTEM privileges - like, total control! Patch ASAP! https://t.co/XbgaBnMvO0
@storagetechnews
26 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Storm-2460 waltzed in through CVE-2025-29824 like it was an open bar 🍸 PipeMagic’s doing tricks, and your EDR’s still “thinking about it” 💤 Skip the guesswork. We did the research. You just read it. 🧠 👉 https://t.co/x5v1vegasf #AlphaHunt #AskYourTIP #Cyber
@alphahunt_io
26 Apr 2025
25 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
3. Windows CLFS Zero Day Açığı (CVE-2025-29824) Microsoft, Windows Common Log File System (CLFS) sürücüsünde tespit edilen ve aktif olarak istismar edilen bir zero day güvenlik açığını (CVE-2025-29824) gidermek için bir yama yayınladı. Bu açık, saldırganların sistem ayrıcalıkları
@MuratDemirtas
23 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A zero-day vulnerability in Windows CLFS (CVE-2025-29824) has been exploited by the ransomware group Storm-2460 using PipeMagic malware. Targets include organizations in the U.S., Venezuela, Spain, and Saudi Arabia. #CyberSecurity #ZeroDay #WindowsUpdate https://t.co/dZzScav70b
@MainNerve
22 Apr 2025
112 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
22 Apr 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
2025 Bug Bounties! Hunt: CVE-2025-30406: Gladinet key CVE-2025-29824: Windows EoP CVE-2025-24054: NTLM theft CVE-2025-24813: Tomcat bug CVE-2025-32433: SSH RCE Burp, Amass. Big bounties! Get Bug Bounty Guide 2025! #BugBounty #VulnHunting2025 https://t.co/tin4q4LnYa
@Viper_Droidd
21 Apr 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
21 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
20 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Your bank’s “security strategy”? Hope, duct tape, and a prayer. 🙃 Meanwhile, Storm-2460 is out here doing magic tricks with #PipeMagic and CVE-2025-29824. 🎩 You patchin’, or just manifesting safety? Read the blog 👉 https://t.co/x5v1vegasf #AlphaHunt #AskYourTIP
@alphahunt_io
19 Apr 2025
12 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
19 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
18 Apr 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
18 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
2. Windows CLFS Zero Day Açığı (CVE-2025-29824) Microsoft, Windows Common Log File System (CLFS) sürücüsünde tespit edilen ve aktif olarak istismar edilen bir sıfır gün güvenlik açığını (CVE-2025-29824) gidermek için bir yama yayınladı. Bu açık, saldırganların sistem
@MuratDemirtas
18 Apr 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
17 Apr 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
16 Apr 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Windows zero-day (CVE-2025-29824) hit by ransomware! Patched, but are you safe? Share tips! #Cybersecurity #OSINT #Ransomware https://t.co/HJdG6QtPov
@security_nest
16 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
16 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Threat Alert: PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware CVE-2025-29824 CVE-2025-24983 CVE-2023-28252 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/zGwGbSy81X #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
16 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
15 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 New Windows zero-day (CVE-2025-29824) exploited in ransomware attacks! ⚡ Attackers used PipeMagic malware, hidden in MSBuild files, and hijacked legit sites to spread payloads. Linked to RansomEXX gang. 🔒 Patch ASAP if you haven't! https://t.co/P6VRAkXrIU
@achi_tech
15 Apr 2025
31 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-29824
@transilienceai
15 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
1. Microsoft Windows CLFS Sıfır Gün Açığı (CVE-2025-29824) Microsoft, Windows Common Log File System (CLFS) sürücüsünde tespit edilen ve aktif olarak istismar edilen bir sıfır gün güvenlik açığını (CVE-2025-29824) gidermek için bir yama yayınladı. Bu açık, saldırganların sistem
@MuratDemirtas
15 Apr 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x32:*",
"vulnerable": true,
"matchCriteriaId": "205BF51D-7798-4E52-80C4-D5A72A8F1D12",
"versionEndExcluding": "10.0.14393.7970"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2326BC98-7CE6-4FCD-8FF3-9E385465BE69",
"versionEndExcluding": "10.0.14393.7970"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x32:*",
"vulnerable": true,
"matchCriteriaId": "7014722D-3D72-4B1D-9859-9A34E09ED1C4",
"versionEndExcluding": "10.0.17763.7137"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C23A8F41-3E3B-4783-B584-04893DD60763",
"versionEndExcluding": "10.0.17763.7137"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "83B3306F-C4EE-45A6-8139-6FAFC46DC696",
"versionEndExcluding": "10.0.19044.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x32:*",
"vulnerable": true,
"matchCriteriaId": "E23DEC4B-7790-4DF2-9B77-20775AD0B34F",
"versionEndExcluding": "10.0.19044.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "EDE77D74-EFE2-42C5-A080-AE16F604968B",
"versionEndExcluding": "10.0.19044.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "BCF4434C-9197-405A-BBB3-53EA66ADAC9A",
"versionEndExcluding": "10.0.19045.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x32:*",
"vulnerable": true,
"matchCriteriaId": "4FF191D7-85ED-430A-BA10-4E696CFF51BA",
"versionEndExcluding": "10.0.19045.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "3630C9CC-2C8C-4089-926D-0981277CA599",
"versionEndExcluding": "10.0.19045.5737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "990A3BD9-13CD-4391-806C-691EAEBEED09",
"versionEndExcluding": "10.0.22621.5191"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "50EA37C1-EE93-43EF-9D68-BD8E70A094E8",
"versionEndExcluding": "10.0.22621.5191"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "BA6E9856-A8DC-4C20-A8FC-BCF869413A0A",
"versionEndExcluding": "10.0.22631.5191"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "39A448D0-EB9F-42FE-85A2-A4AA88D4CEBD",
"versionEndExcluding": "10.0.26100.3775"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "8B1600DE-F4B9-456C-A42F-5E5CDB2D6DEF",
"versionEndExcluding": "10.0.26100.3775"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "BE676429-15DD-408B-A4EC-E405E64F9732",
"versionEndExcluding": "6.0.6003.23220"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*",
"vulnerable": true,
"matchCriteriaId": "167A3F9F-42A7-4D04-A8D5-55C2131E43AC",
"versionEndExcluding": "6.0.6003.23220"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "6D33A5A5-2116-4DF9-B7B5-AB049D7412DA",
"versionEndExcluding": "6.0.6003.23220"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC0C898B-76DC-4C7A-9CB2-2A19AAB5F4A4",
"versionEndExcluding": "6.2.9200.25423"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3736F59-1016-4A81-B1D2-5F722CCCFF25",
"versionEndExcluding": "10.0.14393.7970"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C505C73-E943-45F2-B869-D6CAAFCA8150",
"versionEndExcluding": "10.0.17763.7137"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C707424-4A8F-4C49-AA02-0DA3D177A2FE",
"versionEndExcluding": "10.0.20348.3454"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DA8E1E4-0C78-4ADC-9490-4A608D8601FD",
"versionEndExcluding": "10.0.25398.1551"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AA03AE1F-F78C-4864-A1B6-15846AAD4899",
"versionEndExcluding": "10.0.26100.3775"
}
],
"operator": "OR"
}
]
}
]