Request a Demo
Rewterz
Massive Attack Targets 5,000 WordPress Sites with Fake Admin Accounts – Active IOCs
January 17, 2025
Rewterz
Multiple Mozilla Firefox Vulnerabilities
January 17, 2025

Multiple Microsoft Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-21290 CVSS:7.5

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability.

CVE-2025-21289 CVSS:7.5

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability.

CVE-2025-21285 CVSS:7.5

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability.

CVE-2025-21281 CVSS:7.8

Microsoft COM for Windows Elevation of Privilege Vulnerability.

CVE-2025-21277 CVSS:7.5

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability.

CVE-2025-21251 CVSS:7.5

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability.

CVE-2025-21294 CVSS:8.1

Microsoft Digest Authentication Remote Code Execution Vulnerability.

CVE-2025-21348 CVSS:7.2

Microsoft SharePoint Server Remote Code Execution Vulnerability.

CVE-2025-21393 CVSS:6.3

Microsoft SharePoint Server Spoofing Vulnerability.

Impact

  • Denial of Service
  • Privilege Escalation
  • Code Execution
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-21290

  • CVE-2025-21289

  • CVE-2025-21285

  • CVE-2025-21281

  • CVE-2025-21277

  • CVE-2025-21251

  • CVE-2025-21294

  • CVE-2025-21348

  • CVE-2025-21393

Affected Vendors

Microsoft

Affected Products

  • Microsoft Windows Server 2022
  • Microsoft SharePoint Server 2019 - 16.0.0
  • Microsoft Microsoft SharePoint Server Subscription Edition - 16.0.0
  • Microsoft Windows 10 Version 1809 - 10.0.17763.0
  • Microsoft Windows Server 2019 - 10.0.17763.0
  • Microsoft Windows Server 2019 (Server Core installation) - 10.0.17763.0
  • Microsoft Windows Server 2022 - 10.0.20348.0
  • Microsoft Windows 11 version 22H2 - 10.0.22621.0
  • Microsoft Windows 10 Version 22H2 - 10.0.19045.0
  • Microsoft Windows Server 2025 (Server Core installation) - 10.0.26100.0
  • Microsoft Windows 11 version 22H3 - 10.0.22631.0
  • Microsoft Windows Server 2012 (Server Core installation) - 6.2.9200.0
  • Microsoft Windows Server 2012 R2 - 6.3.9600.0
  • Microsoft Windows Server 2012 R2 (Server Core installation) - 6.3.9600.0
  • Microsoft Windows 11 Version 23H2 - 10.0.22631.0
  • Microsoft Windows Server 2012 - 6.2.9200.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2025-21290

CVE-2025-21289

CVE-2025-21285

CVE-2025-21281

CVE-2025-21277

CVE-2025-21251

CVE-2025-21294

CVE-2025-21348

CVE-2025-21393