CVE-2025-21333

HIGH KEV

Microsoft Windows 10 21h2 < 10.0.19044.5371 - Heap Buffer Overflow

Title source: rule

Description

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Exploits (5)

exploitdb WORKING POC
by Milad Karimi (Ex3ptionaL) · clocalwindows
https://www.exploit-db.com/exploits/52436
nomisec WORKING POC 226 stars
by MrAle98 · remote
https://github.com/MrAle98/CVE-2025-21333-POC
nomisec NO CODE
by aleongx · poc
https://github.com/aleongx/KQL_sentinel_CVE-2025-21333

References (5)

Scores

CVSS v3 7.8
EPSS 0.8134
EPSS Percentile 99.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-01-14
VulnCheck KEV 2025-01-14
ENISA EUVD EUVD-2025-2398
CWE
CWE-122
Status published
Products (7)
microsoft/windows_10_21h2 < 10.0.19044.5371
microsoft/windows_10_22h2 < 10.0.19045.5371
microsoft/windows_11_22h2 < 10.0.22621.4751
microsoft/windows_11_23h2 < 10.0.22631.4751
microsoft/windows_11_24h2 < 10.0.26100.2894
microsoft/windows_server_2022_23h2 < 10.0.25398.1369
microsoft/windows_server_2025 < 10.0.26100.2894
Published Jan 14, 2025
KEV Added Jan 14, 2025
Tracked Since Feb 18, 2026