CVE-2025-21335

Published Jan 14, 2025

Last updated 14 hours ago

Exploit knownCVSS high 7.8

Overview

Description
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Exploit added on
Jan 14, 2025
Exploit action due
Feb 4, 2025
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@microsoft.com
CWE-416

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

14

  1. Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335) https://t.co/KjmRAb8Rtm https://t.co/ZVSG4ItxQt

    @secured_cyber

    15 Jan 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335) https://t.co/KFPUfJ2Ukc https://t.co/IHkL7NdnBz

    @grandpafirewall

    15 Jan 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335) https://t.co/TAc1rnIuiB https://t.co/GxZzPkRJGr

    @Trej0Jass

    15 Jan 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335) https://t.co/bz8y3BpMZF https://t.co/xsHQkYSN47

    @dansantanna

    15 Jan 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Três falhas de Zero-Day ativamente exploradas foram corrigidas na última atualização de segurança da Microsoft. ⤷ CVE-2025-21333 ⤷ CVE-2025-21334 ⤷ CVE-2025-21335 🔗Saiba mais: https://t.co/WGPBmJgxLw #netconn #cibersegurança #Tecnologia #microsoft

    @NetconnOficial

    15 Jan 2025

    2 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🔴 Critical Alert: Microsoft has just released a massive patch for 161 vulnerabilities across its software, including 3 zero-day flaws that have been actively exploited. ⤷ CVE-2025-21333 ⤷ CVE-2025-21334 ⤷ CVE-2025-21335 Patch now: https://t.co/0herwJS73C

    @TheHackersNews

    15 Jan 2025

    37571 Impressions

    128 Retweets

    270 Likes

    61 Bookmarks

    2 Replies

    7 Quotes

  7. 🚨 1st #PatchTuesday of 2025 is here! Microsoft & 3rd-party vendors address: 159 vulnerabilities 3 zero-days (CVE-2025-21335, CVE-2025-21334, CVE-2025-21333) 3 with PoCs 10 critical flaws Visit our comprehensive summary for more information: https://t.co/r9bdB8nDkS Here's

    @Action1corp

    14 Jan 2025

    70 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References