CVE-2025-54100

Published Dec 9, 2025

Last updated a month ago

CVSS high 7.8
Windows PowerShell

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-54100 is a command injection vulnerability in Windows PowerShell. It allows an unauthorized attacker with local access to execute arbitrary code. The vulnerability stems from improper neutralization of special elements used in command execution within PowerShell's command processing mechanism. To exploit this vulnerability, an attacker typically needs user interaction, such as tricking a victim into running a malicious PowerShell script or command. Once exploited, the attacker can inject malicious commands that PowerShell interprets and executes, potentially leading to system compromise or lateral movement inside the network.

Description
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.
Source
secure@microsoft.com
NVD status
Modified
Products
windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-77

Social media

Hype score
Not currently trending

  1. PowerShell 5.1: Preventing script execution from web content PowerShell Remote Code Execution Vulnerability NewRecently updated CVE-2025-54100 Security Vulnerability Windows PowerShell 5.1 now displays a security confirmation prompt when using the Invoke-WebRequest command to

    @johnspectator

    20 Dec 2025

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Don't let your systems fall prey to CVE-2025-54100, a dangerous 0-day vulnerability in PowerShell. Act now: install the latest security updates and train your teams to recognize malicious threats. Safeguard your Windows environments before it's too late! https://t.co/D8Sj2Iai

    @The4n6Analyst

    18 Dec 2025

    79 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Microsoft PowerShell [—] Dec 17, 2025 Comprehensive December 2025 Security Advisory: PowerShell 5.1 Security Update, CVE-2025-54100, Hotpatch Guidance, Script Risk Controls, and Interaction with Windows Smart App Control Checkout our Threat Intelligence Platform:... https:

    @transilienceai

    17 Dec 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ❓ Do you have remediation scripts with Invoke-WebRequest cmdlet ? ⚠️ They may not work as expected because of CVE-2025-54100 💡 Use this script to list remediation impacted scripts with https://t.co/Vg46hEFyRc https://t.co/hLOP4Hxbkb

    @syst_and_deploy

    15 Dec 2025

    2233 Impressions

    7 Retweets

    22 Likes

    13 Bookmarks

    1 Reply

    0 Quotes

  5. 🚨Nueva vulnerabilidad en #PowerShell: CVE-2025-54100 CVE-2025-54100 es una falla de inyección de comandos (CWE-77) en Windows PowerShell que permite a un atacante ejecutar código en el equipo si consigue que un usuario ejecute comandos o scripts que usan Invoke-WebRequest

    @SoyITPro

    12 Dec 2025

    682 Impressions

    4 Retweets

    8 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  6. #MSXFAQ PowerShell als HTTP-Client https://t.co/XCgmMYZhEd - KB5074596 bricht Invoke-WebRequest als Fix gegen CVE-2025-54100. Wer in Skripten so Informationen abruft und kein "-useBasicParsing" nutzt, muss den Abruf bestätigen. Bitte prüft eure Automationskripte ehe sie stoppen

    @msxfaq

    12 Dec 2025

    352 Impressions

    2 Retweets

    4 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  7. 💡 List all Intune remediation scripts containing Invoke-WebRequest without UseBasicParsing (CVE-2025-54100) #MEMPowered #MSIntune @Hoorge https://t.co/Vg46hEFyRc https://t.co/KXhxzottHX

    @syst_and_deploy

    12 Dec 2025

    2691 Impressions

    12 Retweets

    40 Likes

    29 Bookmarks

    0 Replies

    0 Quotes

  8. A critical new PowerShell vulnerability (CVE-2025-54100) lets attackers execute arbitrary code via command injection. Patch now. Why CVE-2025-54100 is a big deal: PowerShell is a core administrative tool built into Windows, trusted by both IT and security tools. https://t.co/El

    @__Otaibayomi

    12 Dec 2025

    68 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. ⚡️ Cybersecurity Developments in the Last 12 Hours ⚡️ 🚨 Microsoft has patched two critical zero-day vulnerabilities, CVE-2025-62221 and CVE-2025-54100, that enable privilege escalation and remote code execution, with active exploitation detected in the wild. 👾 A c

    @greytech_ltd

    12 Dec 2025

    65 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 2025年12月 Microsoftが定例パッチをリリース-3件のゼロデイを修正(CVE-2025-62221,CVE-2025-64671,CVE-2025-54100) https://t.co/4zqKmSxEaO #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    11 Dec 2025

    107 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. ⚠️ Le patch pour la vulnérabilité CVE-2025-54100 peut avoir un impact sur vos scripts PowerShell Je vous propose un récap' dans cet article 👇 - https://t.co/ivWOROT5VN #PowerShell #infosec #veilleIT #informatique https://t.co/u92wop0hRg

    @ITConnect_fr

    11 Dec 2025

    1318 Impressions

    4 Retweets

    10 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  12. CVE-2025-54100 CRITICAL WINDOWS 0-DAY: New PowerShell Flaw Allows Hackers Total Control Over Your PC (Patch NOW) Read the full report on - https://t.co/ffRN0zqUoX https://t.co/wzCHFprTpJ

    @cyberbivash

    10 Dec 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Microsoft discloses critical Windows PowerShell 0-day CVE-2025-54100 allowing arbitrary code execution via command injection, publicly revealed Dec 9 2025. Orgs urged to review mitigations. #Vulnerability https://t.co/IF7l4cKpct

    @threatcluster

    10 Dec 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Windows PowerShellにゼロデイ脆弱性が公開され、細工コマンドを介して不正コードが実行される恐れが指摘された(CVE-2025-54100)。ローカルアクセスと操作誘導が必要だが、広範なWindows環境が影響を受けるため早急

    @yousukezan

    10 Dec 2025

    18193 Impressions

    88 Retweets

    189 Likes

    97 Bookmarks

    2 Replies

    3 Quotes

  15. 🚨 New PowerShell Security Update! PowerShell 5.1 now warns when running Invoke-WebRequest due to CVE-2025-54100. #PowerShell #CyberSecurity #InvokeWebRequest #Microsoft #ITSecurity #ITAdmins #Automation #CVE202554100 #MSP #Technijian https://t.co/FoY6c8zsH3

    @technijian_

    10 Dec 2025

    61 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  16. > 「CVE-2025-54100」に関しては、対策として「PowerShell」の「Invoke-WebRequest」コマンドにセキュリティ警告の確認プロンプトが追加されている。スクリプトが停止する可能性がある点には注意したい。 https://t.co/5

    @hasegawayosuke

    10 Dec 2025

    17919 Impressions

    34 Retweets

    75 Likes

    36 Bookmarks

    1 Reply

    3 Quotes

  17. 【破壊的変更】Windows PowerShellでのInvoke-WebRequest使用時に警告プロンプトが出るように。PowerShellにおける深刻な(MS主張)コード実行の脆弱性CVE-2025-54100への緩和策。既定で有効。UseBasicParsing safeの場合は止まら

    @__kokumoto

    9 Dec 2025

    3207 Impressions

    6 Retweets

    11 Likes

    6 Bookmarks

    0 Replies

    1 Quote

Configurations

References

Sources include official advisories and independent security research.