AI description
CVE-2025-21355 is a vulnerability found in Microsoft Bing. Due to missing authentication for a critical function, unauthorized attackers could execute code remotely over a network. This vulnerability has been categorized as CWE-306, Missing Authentication for Critical Function. Microsoft has addressed this vulnerability. Further details and potential remediation steps can be found on the Microsoft Security Response Center (MSRC) website. As of today, February 20, 2025, this information is current, but the situation may evolve.
- Description
- Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
- Source
- secure@microsoft.com
- NVD status
- Received
- CNA Tags
- exclusively-hosted-service
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- secure@microsoft.com
- CWE-306
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
7
برای محصول Microsoft Bing آسیب پذیری با کد شناسایی CVE-2025-21355 و از نوع RCE منتشر شده است که به هکرها امکان اجرای کد به صورت ریموت را می دهد. نمره این آسیب پذیری 8.6 بوده و ماکروسافت اعلام نموده که به روز رسانی لازم در این خصوص را منتشر نموده است. https://t.co/Poz3aKY03t htt
@AmirHossein_sec
21 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-21355 🔴 HIGH (8.6) 🏢 Microsoft - Microsoft Bing 🏗️ N/A 🔗 https://t.co/nrFJVxCV9R #CyberCron #VulnAlert @microsoft https://t.co/FKO6ZGktLs
@cybercronai
21 Feb 2025
120 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
🚨 Microsoft Bing Vulnerability Allows Remote Code Execution Read more: https://t.co/DLt2OFGNoa 👉 CVE-2025-21355 originated from inadequate authentication mechanisms in a critical Bing service component. 👉 Attackers could exploit the flaw over a network to execute malicious
@The_Cyber_News
20 Feb 2025
302 Impressions
0 Retweets
1 Like
2 Bookmarks
1 Reply
0 Quotes
CVE-2025-21355 Microsoft Bing Remote Code Execution Vulnerability https://t.co/E8sKSBXwUb
@Dinosn
20 Feb 2025
1832 Impressions
3 Retweets
4 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft has issued high-severity security updates for Bing (CVE-2025-21355) and Power Pages (CVE-2025-24989), addressing two serious flaws. One of these vulnerabilities is already being exploited in the wild. Read more: https://t.co/QDr5WQQLPr
@TheHackersNews
20 Feb 2025
12323 Impressions
60 Retweets
105 Likes
16 Bookmarks
1 Reply
2 Quotes
#securityupdate #microsoft #定例外 2025. 2.19 Microsoft Bing のリモートでコードが実行される脆弱性 CVE-2025-21355 Security Vulnerability リリース日: 2025年2月19日 - マイクロソフト https://t.co/AeO5VnFTNG
@kawn2020
20 Feb 2025
71 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
1 Quote
⚠️ Vulnerability Alert: Microsoft Bing Remote Code Execution Vulnerability 📅 Timeline: 📌 Attribution: 🆔cveId: CVE-2025-21355 📊baseScore: 8.6 📏cvssMetrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 🛠️exploitMaturity: Not Available 📂affectedVersions:…
@syedaquib77
20 Feb 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. #ريال_مدريد_مانشستر_سيتي #ซองแดงแต่งผี #EastEnders #หลิงออม #CyberSecurity https://t.co/6EWdJ
@techaniruddh
20 Feb 2025
144 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Microsoft Bingに遠隔コード実行の脆弱性。修正済み。CVE-2025-21355はCVSSスコア8.6で、未認証の攻撃者によるネットワーク経由のコード実行。 https://t.co/1zesz4Did7
@__kokumoto
20 Feb 2025
911 Impressions
0 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
🚨CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability https://t.co/OnVhV6l6is
@DarkWebInformer
19 Feb 2025
3241 Impressions
2 Retweets
20 Likes
4 Bookmarks
2 Replies
0 Quotes
[CVE-2025-21355: HIGH] Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network#cybersecurity,#vulnerability https://t.co/ef0rruBLNh https://t.co/wlTda8rAZq
@CveFindCom
19 Feb 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes