AI description
CVE-2025-55234 is an elevation of privilege vulnerability affecting Windows Server Message Block (SMB). It exists because SMB sessions can be established without properly validating the authentication context when key hardening measures, such as SMB signing and extended protection for authentication (EPA), are not in place. An unauthenticated, remote attacker could perform relay attacks by exploiting improper authentication mechanisms in SMB Server configurations over a network connection. Successful exploitation could allow an attacker to elevate their privileges to that of the compromised user's account. Microsoft has released audit capabilities to help customers assess their environment and identify potential incompatibility issues before deploying SMB Server hardening measures.
- Description
- SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing SMB Server Extended Protection for Authentication (EPA) Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their environment and to identify any potential device or software incompatibility issues before deploying SMB Server hardening measures that protect against relay attacks. If you have not already enabled SMB Server hardening measures, we advise customers to take the following actions to be protected from these relay attacks: Assess your environment by utilizing the audit capabilities that we are exposing in the September 2025 security updates. See Support for Audit Events to deploy SMB Server Hardening—SMB Server Signing & SMB Server EPA. Adopt appropriate SMB Server hardening measures.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-287
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
Hey devs, September's Patch Tuesday dropped some nasty Windows bugs: NTFS buffer overflow (CVE-2025-54916) and SMB replay attacks (CVE-2025-55234) that could lead to code exec. Patch now, or risk the hackers' party. Also, Pixie Dust still haunting IoT after a decade?
@Weezy_Dev
20 Sept 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/P2w2ILulSM https://t.co/MwlwaMEPkj
@dansantanna
17 Sept 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/TpAzfP1q3l https://t.co/M5T9mCLGje
@pcasano
15 Sept 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft'un Eylül Yaması: 80 Güvenlik Açığı Düzeltildi, Bazıları Kritik** Microsoft, Eylül 2025 Patch Tuesday'sinde tam 80 güvenlik açığını yamaladı. Bunlar arasında SMB'de ayrıcalık yükseltme (CVE-2025-55234) ve Azure Networking'de CVSS 10.0 skoru taşıya
@KiraliikHacker
14 Sept 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mobile & Laptop Security: Samsung patched CVE-2025-21043, zero-day in Android; update to block exploits. Microsoft fixed 86 Windows flaws, incl. CVE-2025-55234; update. Google patched 111 Android vulns, 2 critical; update ASAP. Apple alerts users to spyware; use Lockdown Mode
@viridianlock
12 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
September #PatchTuesday: 176 fixes, five critical RCEs, and multiple zero-days. Key priorities include SQL Server (CVE-2024-21907), Azure HPC (CVE-2025-55232), and SMB server (CVE-2025-55234). Full analysis 👉 https://t.co/gy4h6Rk61u https://t.co/iPrkDU1JZb
@rapid7
12 Sept 2025
1365 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
⚠️Actualizaciones de seguridad mensuales de Microsoft ❗CVE-2025-55232 ❗CVE-2025-55227 ❗CVE-2025-55234 ➡️Más info: https://t.co/m71z9xeyXb https://t.co/439OhGO7DK
@CERTpy
12 Sept 2025
140 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/GEECiCUkiA https://t.co/EtVp9bQRzN
@ggrubamn
12 Sept 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
𝐏𝐚𝐭𝐜𝐡 𝐓𝐮𝐞𝐬𝐝𝐚𝐲 𝗦𝗲𝗽𝘁𝗲𝗺𝗯𝗲𝗿 𝟐𝟎𝟐𝟓 𝐇𝐢𝐠𝐡𝐥𝐢𝐠𝐡𝐭𝐬 𝐘𝐨𝐮 𝐒𝐡𝐨𝐮𝐥𝐝𝐧’𝐭 𝐌𝐢𝐬𝐬 ▪️Microsoft has addressed 81 vulnerabilities, two zero-days with
@Action1corp
12 Sept 2025
117 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft released its September Patch Tuesday, fixing 80 vulnerabilities in its products. Eight of them are critical. One of the privilege escalation vulnerabilities in Windows SMB (CVE-2025-55234) was publicly disclosed prior to the release of the patch. Update your systems htt
@cheatmaste79573
11 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/j7lgD61FrW https://t.co/64bOwIyTes
@valterpcjr
11 Sept 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
80 fixes. 8 Critical. 0 known exploited. Microsoft patches SMB priv-esc (CVE-2025-55234) and an Azure bug with CVSS 10.0, plus HPC Pack RCE 9.8 and NTLM EoP 8.8. Patch now and enable SMB signing and EPA. https://t.co/K0v8ovXSPK #CyberSecurity #PatchTuesday
@Prevent_Cyber
11 Sept 2025
73 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/0ytwRiGvbA https://t.co/kyVhl19wEC
@secured_cyber
10 Sept 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/MCwaZ7UoPd https://t.co/MQI6lRZCU5
@EAlexStark
10 Sept 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft just dropped a massive Patch Tuesday: ⚡ 80 flaws fixed — 8 critical ⚡ One already public: SMB bug (CVE-2025-55234) that opens the door to relay + MITM attacks ⚡ A 10.0 Azure flaw + NTLM bug that could hand over SYSTEM access Patch now. Audit SMB. Details
@TheHackersNews
10 Sept 2025
25521 Impressions
46 Retweets
158 Likes
53 Bookmarks
6 Replies
5 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/KcsmVh0lvC https://t.co/3sjI7guX0P
@Trej0Jass
10 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerability Brief: CVE-2025-55234 — Windows SMB Elevation of Privilege Read the full analysis: https://t.co/kNI1oiwVwq https://t.co/XaAi9BzfS7
@Iambivash007
10 Sept 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
今日はいろんなぱっちちゅうずでー ▼Microsoft 2025 年 9 月のセキュリティ更新プログラム (月例) https://t.co/3HGdf04I8w CVE-2025-55234 →Windows SMB の特権昇格の脆弱性 CVE-2024-21907 →Newtonsoft.Json での例外的な状態の不適
@taku888infinity
9 Sept 2025
398 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) https://t.co/6kHxAhKcpp https://t.co/uyop1T3peY
@Art_Capella
9 Sept 2025
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55234 SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay atta… https://t.co/gOQ1lGzr2k
@CVEnew
9 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 Microsoft’s new guidance on CVE-2025-55234 helps admins spot SMB relay vulnerabilities before they become a party crasher! Time to audit those settings and keep the privilege elevation at bay! #WindowsForum #CyberSecurity #SMB https://t.co/a5fOAL7b2K
@windowsforum
9 Sept 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Patch Tuesday: 81 vulnerabilidades corregidas, incluidas dos zero-day en SMB Server (CVE-2025-55234) y Newtonsoft.Json (CVE-2024-21907), además de fallos críticos en NTLM, NTFS y Microsoft Office. ¡Actualiza de inmediato! https://t.co/T18lkShM8c
@CompunetChile
9 Sept 2025
122 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
𝗧𝗼𝗱𝗮𝘆'𝘀 𝗣𝗮𝘁𝗰𝗵 𝗧𝘂𝗲𝘀𝗱𝗮𝘆 𝗼𝘃𝗲𝗿𝘃𝗶𝗲𝘄: ▪️ Microsoft has addressed 81 vulnerabilities, two zero-days with PoC (CVE-2025-55234 and CVE-2025-21907), 8 critical ▪️ Third-party: actively exploited vulnerabi
@Action1corp
9 Sept 2025
401 Impressions
2 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "3C02B817-7D1B-4E29-B9D4-4858F5B870F4",
"versionEndExcluding": "10.0.10240.21128"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "6F5077FC-74E8-4534-9E8E-68BB5DC4C331",
"versionEndExcluding": "10.0.10240.21128"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "CCF6CD9B-8B61-4998-8AB1-98022B96627C",
"versionEndExcluding": "10.0.14393.8422"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "B959975A-0845-4975-987B-33BCE5C5F1BB",
"versionEndExcluding": "10.0.14393.8422"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "DAD249FB-512C-4712-A54C-67283AB359A4",
"versionEndExcluding": "10.0.17763.7792"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "01360CEA-14B5-4566-84ED-D785BD98C78D",
"versionEndExcluding": "10.0.17763.7792"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A6EFA39-1D7C-4663-A412-AA6802FB27E8",
"versionEndExcluding": "10.0.19044.6332"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45F6F341-FC2F-4629-8259-C5F8CC8E2EB3",
"versionEndExcluding": "10.0.19045.6332"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86480500-CDA6-4F8F-9B8C-F3FC77B15F67",
"versionEndExcluding": "10.0.22621.5909"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A6C6080-3904-45F2-897E-F6583DB4A70A",
"versionEndExcluding": "10.0.22631.5909"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E1B4513-36E7-4DCD-96B3-A56184D37C87",
"versionEndExcluding": "10.0.26100.6508"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "705F2D9A-DBA3-45A9-B11E-EBE1E98E43E0",
"versionEndExcluding": "10.0.14393.8422"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07163682-D393-40AF-BEDD-CDD996C941ED",
"versionEndExcluding": "10.0.17763.7792"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE7D988-2ABE-4833-AFEB-90926E10B8EB",
"versionEndExcluding": "10.0.20348.4106"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "986B3446-8F5A-4D4C-A240-7052ED135E5B",
"versionEndExcluding": "10.0.25398.1849"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7DF196D-36BE-4A48-844E-E1D8405A9E1A",
"versionEndExcluding": "10.0.26100.6508"
}
],
"operator": "OR"
}
]
}
]