AI description
CVE-2025-54100 is a command injection vulnerability in Windows PowerShell. It allows an unauthorized attacker with local access to execute arbitrary code. The vulnerability stems from improper neutralization of special elements used in command execution within PowerShell's command processing mechanism. To exploit this vulnerability, an attacker typically needs user interaction, such as tricking a victim into running a malicious PowerShell script or command. Once exploited, the attacker can inject malicious commands that PowerShell interprets and executes, potentially leading to system compromise or lateral movement inside the network.
- Description
- Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-77
- Hype score
- Not currently trending
🚨Nueva vulnerabilidad en #PowerShell: CVE-2025-54100 CVE-2025-54100 es una falla de inyección de comandos (CWE-77) en Windows PowerShell que permite a un atacante ejecutar código en el equipo si consigue que un usuario ejecute comandos o scripts que usan Invoke-WebRequest
@SoyITPro
12 Dec 2025
682 Impressions
4 Retweets
8 Likes
1 Bookmark
1 Reply
0 Quotes
#MSXFAQ PowerShell als HTTP-Client https://t.co/XCgmMYZhEd - KB5074596 bricht Invoke-WebRequest als Fix gegen CVE-2025-54100. Wer in Skripten so Informationen abruft und kein "-useBasicParsing" nutzt, muss den Abruf bestätigen. Bitte prüft eure Automationskripte ehe sie stoppen
@msxfaq
12 Dec 2025
352 Impressions
2 Retweets
4 Likes
3 Bookmarks
0 Replies
0 Quotes
💡 List all Intune remediation scripts containing Invoke-WebRequest without UseBasicParsing (CVE-2025-54100) #MEMPowered #MSIntune @Hoorge https://t.co/Vg46hEFyRc https://t.co/KXhxzottHX
@syst_and_deploy
12 Dec 2025
2691 Impressions
12 Retweets
40 Likes
29 Bookmarks
0 Replies
0 Quotes
A critical new PowerShell vulnerability (CVE-2025-54100) lets attackers execute arbitrary code via command injection. Patch now. Why CVE-2025-54100 is a big deal: PowerShell is a core administrative tool built into Windows, trusted by both IT and security tools. https://t.co/El
@__Otaibayomi
12 Dec 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
⚡️ Cybersecurity Developments in the Last 12 Hours ⚡️ 🚨 Microsoft has patched two critical zero-day vulnerabilities, CVE-2025-62221 and CVE-2025-54100, that enable privilege escalation and remote code execution, with active exploitation detected in the wild. 👾 A c
@greytech_ltd
12 Dec 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025年12月 Microsoftが定例パッチをリリース-3件のゼロデイを修正(CVE-2025-62221,CVE-2025-64671,CVE-2025-54100) https://t.co/4zqKmSxEaO #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
11 Dec 2025
107 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Le patch pour la vulnérabilité CVE-2025-54100 peut avoir un impact sur vos scripts PowerShell Je vous propose un récap' dans cet article 👇 - https://t.co/ivWOROT5VN #PowerShell #infosec #veilleIT #informatique https://t.co/u92wop0hRg
@ITConnect_fr
11 Dec 2025
1318 Impressions
4 Retweets
10 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-54100 CRITICAL WINDOWS 0-DAY: New PowerShell Flaw Allows Hackers Total Control Over Your PC (Patch NOW) Read the full report on - https://t.co/ffRN0zqUoX https://t.co/wzCHFprTpJ
@Iambivash007
10 Dec 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft discloses critical Windows PowerShell 0-day CVE-2025-54100 allowing arbitrary code execution via command injection, publicly revealed Dec 9 2025. Orgs urged to review mitigations. #Vulnerability https://t.co/IF7l4cKpct
@threatcluster
10 Dec 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windows PowerShellにゼロデイ脆弱性が公開され、細工コマンドを介して不正コードが実行される恐れが指摘された(CVE-2025-54100)。ローカルアクセスと操作誘導が必要だが、広範なWindows環境が影響を受けるため早急
@yousukezan
10 Dec 2025
18193 Impressions
88 Retweets
189 Likes
97 Bookmarks
2 Replies
3 Quotes
🚨 New PowerShell Security Update! PowerShell 5.1 now warns when running Invoke-WebRequest due to CVE-2025-54100. #PowerShell #CyberSecurity #InvokeWebRequest #Microsoft #ITSecurity #ITAdmins #Automation #CVE202554100 #MSP #Technijian https://t.co/FoY6c8zsH3
@technijian_
10 Dec 2025
61 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
> 「CVE-2025-54100」に関しては、対策として「PowerShell」の「Invoke-WebRequest」コマンドにセキュリティ警告の確認プロンプトが追加されている。スクリプトが停止する可能性がある点には注意したい。 https://t.co/5
@hasegawayosuke
10 Dec 2025
17919 Impressions
34 Retweets
75 Likes
36 Bookmarks
1 Reply
3 Quotes
【破壊的変更】Windows PowerShellでのInvoke-WebRequest使用時に警告プロンプトが出るように。PowerShellにおける深刻な(MS主張)コード実行の脆弱性CVE-2025-54100への緩和策。既定で有効。UseBasicParsing safeの場合は止まら
@__kokumoto
9 Dec 2025
3207 Impressions
6 Retweets
11 Likes
6 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "B1A4A63C-AA10-4A4B-8FD6-0519D1F7DFE9",
"versionEndExcluding": "10.0.14393.8688"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "BCB3A273-FB6E-43DC-A247-363179C2400C",
"versionEndExcluding": "10.0.14393.8688"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5CEB496A-8AF3-458D-B466-16204E535DE0",
"versionEndExcluding": "10.0.17763.8146"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "C99D0580-E443-4440-A211-19BA3C2C4AFA",
"versionEndExcluding": "10.0.17763.8146"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D04167A-522C-433E-8CEB-C1D8A02C23D8",
"versionEndExcluding": "10.0.19044.6691"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A86D6CDC-55E5-4817-A6CE-4CE41921FB79",
"versionEndExcluding": "10.0.19045.6691"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DCE32D0-A9E0-4029-AB35-5E202A42AF01",
"versionEndExcluding": "10.0.22631.6345"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B25382B-72D4-4462-9B2A-FC463E225975",
"versionEndExcluding": "10.0.26100.7456"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C29A9FB0-C2BE-43DE-A099-0390A4AF47E1",
"versionEndExcluding": "10.0.26200.7456"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "992FE0C2-27E6-4D04-8200-7831DE13C58E",
"versionEndExcluding": "10.0.14393.8688"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A20DBDB1-D0DE-4800-8BEA-35EE5D53659D",
"versionEndExcluding": "10.0.17763.8146"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5032F165-65AC-41E6-9AFC-50B2518E50F3",
"versionEndExcluding": "10.0.20348.4529"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9CE4A36-DA42-40CC-8724-E30A22CA84B6",
"versionEndExcluding": "10.0.25398.2025"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0919675B-B03C-4A67-A8FC-DC953EA057C9",
"versionEndExcluding": "10.0.26100.7456"
}
],
"operator": "OR"
}
]
}
]