CVE-2025-21382
Published: 14 January 2025
Summary
CVE-2025-21382 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows 10 1809. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 16.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the heap-based buffer overflow and integer overflow vulnerability by requiring timely remediation through application of Microsoft's patches.
Implements memory protection mechanisms such as ASLR, DEP, and stack canaries that defend against exploitation of buffer and integer overflows in the Windows Graphics Component.
Enforces least privilege to limit the initial access scope of low-privilege local attackers, reducing the potential impact of successful privilege escalation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
This is a local elevation of privilege vulnerability (heap buffer overflow) in Windows Graphics Component allowing low-privileged attackers to gain higher privileges, directly enabling T1068: Exploitation for Privilege Escalation.
NVD Description
Windows Graphics Component Elevation of Privilege Vulnerability
Deeper analysisAI
CVE-2025-21382 is a Windows Graphics Component Elevation of Privilege Vulnerability, published on 2025-01-14T18:16:03.413. It affects the Windows Graphics Component in Microsoft Windows systems and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability is linked to CWE-122 (Heap-based Buffer Overflow), CWE-190 (Integer Overflow or Wraparound), and NVD-CWE-noinfo.
A local attacker with low privileges can exploit this vulnerability through low-complexity attacks requiring no user interaction. Successful exploitation enables elevation of privileges, resulting in high impacts on confidentiality, integrity, and availability.
Microsoft's update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21382 provides details on mitigation, including available patches and remediation steps.
Details
- CWE(s)