CVE-2025-21231
Published: 14 January 2025
Summary
CVE-2025-21231 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Microsoft Windows 10 1507. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Service Exhaustion Flood (T1499.002); ranked in the top 20.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly addresses the vulnerability by applying Microsoft patches for the IP Helper DoS issue.
Denial-of-service protections at network entry points block or mitigate remote unauthenticated resource exhaustion attacks on IP Helper.
Resource availability controls enforce quotas and limits to counter the CWE-400 uncontrolled resource consumption in IP Helper.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct remote exploitation of the IP Helper service for resource exhaustion DoS maps to Service Exhaustion Flood.
NVD Description
IP Helper Denial of Service Vulnerability
Deeper analysisAI
CVE-2025-21231, published on 2025-01-14, is an IP Helper Denial of Service vulnerability with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). It is associated with CWE-400 (Uncontrolled Resource Consumption) and NVD-CWE-noinfo. The vulnerability affects the IP Helper component in Microsoft Windows systems, as indicated by the Microsoft Security Response Center reference.
An unauthenticated attacker (PR:N) can exploit the vulnerability remotely over the network (AV:N) with low attack complexity (AC:L) and without requiring user interaction (UI:N). Successful exploitation results in high impact to availability (A:H) with no impact to confidentiality or integrity, enabling a denial of service condition such as service crashes or resource exhaustion.
Microsoft has published an update guide addressing this vulnerability, available at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21231, which provides details on patches and mitigation steps.
Details
- CWE(s)