CVE-2025-24061

Published Mar 11, 2025

Last updated 2 months ago

CVSS high 7.8
Windows
MOTW

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-24061 is a security vulnerability described as a protection mechanism failure in Windows Mark of the Web (MOTW). This vulnerability allows an unauthorized attacker to bypass a security feature locally. The vulnerability affects several Windows products, including Windows 10 Version 1809, Windows Server 2019, Windows Server 2022, and Windows 10 Version 21H2.

Description
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.
Source
secure@microsoft.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-693

Social media

Hype score
Not currently trending

  1. EncryptHubの二重生活:サイバー犯罪者対Windowsのバグ報奨金研究者(CVE-2025-24061、CVE-2025-24071) https://t.co/P85bmF70j3 #security #セキュリティ #ニュース

    @SecureShield_

    7 Apr 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Microsoft Credits Hacker 'EncryptHub' for Discovering Critical Windows Flaws In a surprising move, Microsoft has publicly credited the hacker known as "EncryptHub" for responsibly disclosing two high-severity Windows vulnerabilities—CVE-2025-24061 and CVE-2025-24071—both patched

    @ChbibAnas

    7 Apr 2025

    40 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Microsoft just credited EncryptHub—a lone wolf behind 618 breaches—for disclosing 2 Windows flaws CVE-2025-24061 & 24071. Once pushing malware via fake WinRAR sites & abusing zero-days, this conflicted figure straddled bug bounties and full-blown cybercrime. Tracked via

    @CareWeDoNot

    5 Apr 2025

    44 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 👀 Microsoft Credits EncryptHub — the Hacker Behind 618+ Breaches — for Disclosing Windows Flaws. 👀 In March 2025, EncryptHub reported 2 critical bugs (CVE-2025-24061 & CVE-2025-24071). Weeks later, he exploited a zero-day (CVE-2025-26633), hitting hundreds of targets usin

    @TheHackersNews

    5 Apr 2025

    13527 Impressions

    35 Retweets

    80 Likes

    15 Bookmarks

    1 Reply

    0 Quotes

  5. 🚨 CVE-2025-24061 🔴 HIGH (7.8) 🏢 Microsoft - Windows 10 Version 1809 🏗️ 10.0.17763.0 🔗 https://t.co/iNlWIexFq5 #CyberCron #VulnAlert #InfoSec https://t.co/7ff7pkXGKF

    @cybercronai

    13 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References