Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2025-21207: Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability has a high impact on availability (A:H). What does that mean for this vulnerability??** An attacker can send specially crafted packets which could impact availability of the service resulting in Denial of Service (DoS).

Microsoft Security Response Center
Open in Source
#vulnerability#windows#dos#Windows Connected Devices Platform Service#Security Vulnerability
CVE-2025-21224: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted print task to a shared vulnerable Windows Line Printer Daemon (LPD) service across a network. Successful exploitation could result in remote code execution on the server.

CVE-2025-21229: Windows Digital Media Elevation of Privilege Vulnerability

**According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?** An attacker needs physical access to the target computer to plug in a malicious USB drive.

CVE-2025-21228: Windows Digital Media Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-21227: Windows Digital Media Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-21226: Windows Digital Media Elevation of Privilege Vulnerability

**According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?** An attacker needs physical access to the target computer to plug in a malicious USB drive.

CVE-2025-21225: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2025-21335: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-21330: Windows Remote Desktop Services Denial of Service Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability has a high impact on availability (A:H). What does that mean for this vulnerability??** An attacker can send specially crafted packets which could impact availability of the service resulting in Denial of Service (DoS).

CVE-2025-21382: Windows Graphics Component Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.