CVE-2025-21293
Published: 14 January 2025
Summary
CVE-2025-21293 is a high-severity Improper Access Control (CWE-284) vulnerability in Microsoft Windows 10 1507. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 1.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. It is rated 8.8 under CVSS 3.1 with an attack vector of network, low complexity, low privileges required, and no user interaction, allowing high impact to confidentiality, integrity, and availability.
An authenticated attacker with low-level domain access can exploit the flaw to escalate privileges and achieve full control over the directory services environment. The weakness is tracked under CWE-284.
The Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 supplies patch information and mitigation guidance for affected deployments.
The EPSS score currently stands at 0.7606 after reaching a peak of 0.7913.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2358
Vulnerability details
Active Directory Domain Services Elevation of Privilege Vulnerability
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes an elevation of privilege vulnerability in Active Directory Domain Services due to improper access control, directly enabling a low-privileged authenticated network user to exploit the flaw for privilege escalation with high impact on confidentiality, integrity, and availability.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely remediation of the Active Directory Domain Services flaw via Microsoft patches directly prevents low-privileged users from exploiting CVE-2025-21293 for privilege escalation.
Enforcing least privilege limits the scope and impact of privilege elevation by authenticated low-privileged users targeting this vulnerability.
Access enforcement strengthens improper access control mechanisms in AD DS, mitigating the CWE-284 weakness exploited in this elevation of privilege vulnerability.