CVE-2025-21220
Published: 14 January 2025
Summary
CVE-2025-21220 is a high-severity Use of Uninitialized Resource (CWE-908) vulnerability in Microsoft Message Queuing (MSMQ), listed here as affecting Microsoft Windows 10 1507. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 19.4% of all CVEs by EPSS exploit likelihood, and it is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations identified in this analysis are NIST SP 800-53 CM-7 (Least Functionality) and SI-2 (Flaw Remediation).
Deeper analysis
Microsoft Message Queuing (MSMQ) is affected by an information disclosure vulnerability tracked as CVE-2025-21220. The flaw, which carries a CVSS score of 7.5, is classified as CWE-908 (Use of Uninitialized Resource): the service uses memory or another resource before it has been initialized, so data left over from earlier use can be returned to a remote client and disclosed over a network connection.
The vulnerability is reachable over the network (AV:N) with low attack complexity (AC:L), requires no privileges (PR:N) and no user interaction (UI:N), and its impact is limited to confidentiality (C:H/I:N/A:N), which is what produces the 7.5 score. An unauthenticated attacker who can reach the MSMQ listener can therefore obtain sensitive data from the host without affecting its integrity or availability.
The Microsoft Security Response Center provides guidance on this issue through its Security Update Guide at the referenced advisory URL. The EPSS score has remained low: its current value is 0.0136 (an estimated 1.4% probability of exploitation in the wild within the next 30 days), and its peak was 0.0193.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2289
Vulnerability details
Microsoft Message Queuing Information Disclosure Vulnerability
- CWE(s): CWE-908 Use of Uninitialized Resource
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
- T1190 Exploit Public-Facing Application: the flaw is triggered remotely by an unauthenticated client of the MSMQ service, so wherever the MSMQ listener is reachable from an untrusted network the service is a public-facing application in the ATT&CK sense, and exploiting it yields information disclosure rather than code execution.
Affected Assets
- Microsoft Windows 10 1507 (Microsoft Message Queuing component)
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- SI-2 Flaw Remediation: directly remediates the uninitialized-resource flaw in MSMQ through timely application of the vendor patch. This is the only control that removes the vulnerability; the others limit who can reach it.
- CM-7 Least Functionality: prohibits or restricts non-essential MSMQ functionality and its listening ports. On hosts where nothing depends on MSMQ, removing the optional feature eliminates exposure to the unauthenticated, network-accessible flaw entirely.
- SC-7 Boundary Protection: monitors and controls network communications to MSMQ interfaces at network and host firewalls, reducing the population of remote unauthenticated attackers that can trigger the disclosure on hosts where MSMQ must remain.
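The following script is an added example, not code from this page, from Microsoft or from the MSRC advisory. It audits a Windows host for the SI-2, CM-7 and SC-7 controls listed above and applies the two host-side ones. It assumes two things the page does not state: that MSMQ's well-known TCP listener is port 1801 (the default configuration), and that the operator supplies the KB number of the January 2025 update for the host's build in `-RequiredKb`; both the parameter names and the firewall rule name are illustrative choices.

```powershell
# Added example (not from the advisory page or from Microsoft): audit a Windows host
# for exposure to CVE-2025-21220 and apply the CM-7 / SC-7 controls the page lists.
# Assumptions not stated on the page: MSMQ's well-known listener is TCP 1801, and the
# KB number of the January 2025 update for this build is supplied by the operator.
# Run elevated; pass -WhatIf to audit without changing anything.
[CmdletBinding(SupportsShouldProcess)]
param(
    # KB article of the January 2025 cumulative update for this build (operator-supplied).
    [string]$RequiredKb,
    # Subnets or hosts that legitimately need MSMQ. Empty means MSMQ is not needed here.
    [string[]]$AllowedRemote = @()
)

$MsmqPort = 1801   # default MSMQ TCP listener (assumed default configuration)

function Get-MsmqExposure {
    # Collects the facts an assessor needs: is the vulnerable service present,
    # is it reachable, and has the flaw been remediated (SI-2)?
    $svc      = Get-Service -Name MSMQ -ErrorAction SilentlyContinue
    $listener = Get-NetTCPConnection -LocalPort $MsmqPort -State Listen -ErrorAction SilentlyContinue
    $hotfix   = if ($RequiredKb) { Get-HotFix -Id $RequiredKb -ErrorAction SilentlyContinue } else { $null }
    [pscustomobject]@{
        MsmqInstalled  = [bool]$svc
        MsmqRunning    = [bool]($svc -and $svc.Status -eq 'Running')
        PortListening  = [bool]$listener
        PatchInstalled = [bool]$hotfix
    }
}

$state = Get-MsmqExposure
$state | Format-List

# SI-2 Flaw Remediation: the network controls below reduce exposure, they do not remove the bug.
if (-not $state.PatchInstalled) {
    Write-Warning "Update '$RequiredKb' not found; apply the vendor fix before relying on the controls below."
}

if ($state.MsmqInstalled -and $AllowedRemote.Count -eq 0) {
    # CM-7 Least Functionality: nothing needs MSMQ, so remove the attack surface entirely.
    if ($PSCmdlet.ShouldProcess('MSMQ-Server', 'Stop service and remove optional feature')) {
        Stop-Service -Name MSMQ -Force
        Set-Service  -Name MSMQ -StartupType Disabled
        Disable-WindowsOptionalFeature -Online -FeatureName MSMQ-Server -NoRestart | Out-Null
    }
}
elseif ($state.MsmqInstalled) {
    # SC-7 Boundary Protection: MSMQ must stay, so restrict who can talk to it.
    # Windows Firewall evaluates block rules before allow rules, so the safe pattern is
    # default-deny inbound, disable the broad allow rules the MSMQ feature installs, and
    # add one allow rule scoped to the approved sources. This covers the 1801 listener
    # only; MSMQ's RPC interfaces (TCP 135 plus dynamic ports) need their own rules.
    if ($PSCmdlet.ShouldProcess("TCP $MsmqPort", "Restrict inbound to $($AllowedRemote -join ', ')")) {
        Set-NetFirewallProfile -All -DefaultInboundAction Block
        Get-NetFirewallRule -DisplayGroup 'Message Queuing' -Direction Inbound -ErrorAction SilentlyContinue |
            Disable-NetFirewallRule
        New-NetFirewallRule -DisplayName "MSMQ $MsmqPort - approved sources only" `
            -Direction Inbound -Protocol TCP -LocalPort $MsmqPort `
            -RemoteAddress $AllowedRemote -Action Allow -Profile Any | Out-Null
    }
}
```

Run it first with `-WhatIf` to see the exposure report without changes, for example `.\Check-Msmq.ps1 -RequiredKb KB<number> -AllowedRemote '10.20.0.0/16' -WhatIf`. The ordering of the firewall steps matters: adding a scoped allow rule while the feature's own "Message Queuing" allow rules remain enabled leaves the port open to everyone, because the broader allow still matches.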