March 9, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Apache Traffic Server Vulnerabilities
March 7, 2025Multiple Intel Products Vulnerabilities
March 7, 2025Multiple Apache Traffic Server Vulnerabilities
March 7, 2025Multiple Intel Products Vulnerabilities
March 7, 2025
Severity
High
Analysis Summary
CVE-2025-21200 CVSS:8.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer overflow in the Telephony Service component.
CVE-2025-21190 CVSS:8.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer overflow in the Telephony Service component.
Impact
- Code Execution
Indicators of Compromise
CVE
CVE-2025-21200
CVE-2025-21190
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows Server 2022
- Microsoft Windows 10 Version 1809 - 10.0.17763.0
- Microsoft Windows Server 2019 - 10.0.17763.0
- Microsoft Windows 11 version 22H3 - 10.0.22631.0
- Microsoft Windows Server 2012 R2 - 6.3.9600.0
- Microsoft Windows Server 2012 R2 (Server Core installation) - 6.3.9600.0
- Microsoft Windows 11 Version 23H2 - 10.0.22631.0
- Microsoft Windows 11 Version 24H2 - 10.0.26100.0
- Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) - 6.0.6003.0
- Microsoft Windows Server 2008 Service Pack 2 - 6.0.6003.0
- Microsoft Windows Server 2025 - 10.0.26100.0
- Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) - 6.1.7601.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.