CVE-2025-27479
Published: 08 April 2025
Summary
CVE-2025-27479 is a high-severity Insufficient Resource Pool (CWE-410) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 3.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2025-27479 is an insufficient resource pool vulnerability in the Windows Kerberos component that permits denial of service over a network. The flaw is tracked under CWE-410 and carries a CVSS 3.1 base score of 7.5, reflecting a network attack vector, low attack complexity, and no required privileges or user interaction; the result is high impact to availability, while confidentiality and integrity are unaffected.
An unauthenticated attacker with network access can send crafted requests that exhaust the Kerberos resource pool, thereby disrupting Kerberos authentication services and causing denial of service to affected Windows systems.
Microsoft has published mitigation guidance in its Security Response Center update guide for this vulnerability.
The EPSS score for the CVE rose from a low baseline to a peak of 0.4150 with a current value of 0.2927, indicating that exploitation interest emerged after disclosure and that the issue warrants renewed attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-10184
Vulnerability details
Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.
- CWE(s): CWE-410 (Insufficient Resource Pool)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- CWE-410 (Insufficient Resource Pool): ensure a managed resource pool is maintained rather than allowing exhaustion by any single consumer.