Cyber Resilience

CVE-2025-27479

High

Published: 08 April 2025
Modified: 08 July 2025
KEV Added: (not listed)
Patch: (see Microsoft Security Response Center update guide)
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.2927 (96.7th percentile)
Risk Priority: 33 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-27479 is a high-severity Insufficient Resource Pool (CWE-410) vulnerability in Microsoft Windows Server 2012 and the later Windows Server releases listed under Affected Assets below. Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 3.3% of CVEs by exploit likelihood (EPSS 0.2927, 96.7th percentile); it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2025-27479 is an insufficient resource pool vulnerability in the Windows Kerberos component that permits denial of service over a network. The flaw is tracked under CWE-410 and carries a CVSS 3.1 base score of 7.5, reflecting a network attack vector, low attack complexity, and no required privileges or user interaction. The impact is high for availability, while confidentiality and integrity are unaffected.

An unauthenticated attacker with network access can send crafted requests that exhaust the Kerberos resource pool, disrupting Kerberos authentication and causing denial of service on affected Windows systems. Because domain controllers run the Kerberos Key Distribution Center, resource exhaustion there can interrupt authentication for the whole domain, which is why the availability impact is rated high.

Microsoft has published mitigation guidance in its Security Response Center update guide for this vulnerability.

The EPSS score for this CVE rose from a low baseline to a peak of 0.4150 and currently stands at 0.2927, indicating that exploitation interest emerged after disclosure and that the issue warrants renewed attention.

EU & UK References

Vulnerability details

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

CWE(s)

CWE-410: Insufficient Resource Pool

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor     | Product                   | Affected versions
-----------|---------------------------|---------------------------
microsoft  | windows server 2012       | all versions, r2
microsoft  | windows server 2016       | ≤ 10.0.14393.7969
microsoft  | windows server 2019       | ≤ 10.0.17763.7136
microsoft  | windows server 2022       | ≤ 10.0.20348.3453
microsoft  | windows server 2022 23h2  | ≤ 10.0.25398.1551
microsoft  | windows server 2025       | ≤ 10.0.26100.3775

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-410: Ensures a managed resource pool is maintained rather than allowing exhaustion by any single consumer.
