CVE-2025-21360
Published: 14 January 2025
Summary
CVE-2025-21360 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Microsoft Autoupdate. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability is ranked in the top 46.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-21360 is an Elevation of Privilege vulnerability affecting Microsoft AutoUpdate (MAU). Published on January 14, 2025, it carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, and is associated with CWE-269 (Improper Privilege Management) and NVD-CWE-noinfo.
A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation allows the attacker to achieve high impacts on confidentiality, integrity, and availability, potentially elevating privileges on the affected system.
The Microsoft Security Response Center (MSRC) provides details on mitigation and patches in its update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2423
Vulnerability details
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
- CWE(s): CWE-269 (Improper Privilege Management)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a local elevation-of-privilege vulnerability in Microsoft AutoUpdate that lets a low-privileged attacker elevate privileges through improper privilege management, which maps directly to Exploitation for Privilege Escalation (T1068).
Mitigating Controls (NIST 800-53 r5)
- AC-6 (Least Privilege): enforces least privilege for processes such as Microsoft AutoUpdate, directly countering the improper privilege management (CWE-269) that enables local low-privileged attackers to elevate privileges.
- Flaw remediation: requires timely remediation of flaws such as CVE-2025-21360 through patching, as recommended by MSRC, preventing exploitation of the elevation-of-privilege vulnerability.
- AC-3 (Access Enforcement): mandates enforcement of access control policies to block unauthorized privilege escalation by local low-privileged users exploiting Microsoft AutoUpdate.