CVE-2025-21293
Published: 14 January 2025
Summary
CVE-2025-21293 is a high-severity Improper Access Control (CWE-284) vulnerability in Microsoft Windows 10 1507. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 1.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Timely remediation of the Active Directory Domain Services flaw via Microsoft patches directly prevents low-privileged users from exploiting CVE-2025-21293 for privilege escalation.
Enforcing least privilege limits the scope and impact of privilege elevation by authenticated low-privileged users targeting this vulnerability.
Access enforcement strengthens improper access control mechanisms in AD DS, mitigating the CWE-284 weakness exploited in this elevation of privilege vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes an elevation of privilege vulnerability in Active Directory Domain Services due to improper access control, directly enabling a low-privileged authenticated network user to exploit the flaw for privilege escalation with high impact on confidentiality, integrity, and availability.
NVD Description
Active Directory Domain Services Elevation of Privilege Vulnerability
Deeper analysisAI
CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services, published on 2025-01-14T18:15:51.110. It affects Microsoft's Active Directory Domain Services component, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The issue is associated with CWE-284 (Improper Access Control) and lacks additional NVD CWE details.
The vulnerability can be exploited by a low-privileged authenticated user with network access to the target system. Exploitation requires low complexity and no user interaction, allowing the attacker to elevate privileges with high impacts on confidentiality, integrity, and availability within the unchanged security scope.
Microsoft's Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21293 provides details on patches and mitigation guidance.
Details
- CWE(s)