Analysis Summary

CVE-2025-21325 CVSS:7.8

Microsoft Windows Secure Kernel Mode could allow a local authenticated attacker to gain SYSTEM privileges.

CVE-2025-21409 CVSS:8.8

Windows Telephony Service Remote Code Execution Vulnerability.

CVE-2025-21417 CVSS:8.8

Windows Telephony Service Remote Code Execution Vulnerability.

CVE-2025-21311 CVSS:9.8

Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in NTLM V1 component.

CVE-2025-21333 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Hyper-V NT Kernel Integration VSP component.

CVE-2025-21326 CVSS:7.8

Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in Internet Explorer component.

CVE-2025-21218 CVSS:7.5

Windows Kerberos Denial of Service Vulnerability.

CVE-2025-21378 CVSS:7.8

Windows CSC Service Elevation of Privilege Vulnerability.

CVE-2025-21370 CVSS:7.8

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability.

Impact

• Code Execution
• Privilege Escalation
• Denial of Service

Indicators of Compromise

CVE

• CVE-2025-21325

• CVE-2025-21409

• CVE-2025-21417

• CVE-2025-21311

• CVE-2025-21333

• CVE-2025-21326

• CVE-2025-21218

• CVE-2025-21378

• CVE-2025-21370

Affected Vendors

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2025-21325

CVE-2025-21409

CVE-2025-21417

CVE-2025-21311

CVE-2025-21333

CVE-2025-21326

CVE-2025-21218

CVE-2025-21378

CVE-2025-21370