CVE-2025-29810

HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Privilege Escalation via Active Directory Domain Services

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-29810. PoCs published by aleongx.

AI-analyzed exploit summary This PowerShell script checks if a system is vulnerable to CVE-2025-29810 by verifying if it is a domain controller and whether April 2025 patches are installed. It outputs results to a text file and provides recommendations.

Description

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Exploits (1)

nomisec SCANNER

by aleongx · poc

https://github.com/aleongx/CVE-2025-29810-check

View Code ZIP pw:eip

This PowerShell script checks if a system is vulnerable to CVE-2025-29810 by verifying if it is a domain controller and whether April 2025 patches are installed. It outputs results to a text file and provides recommendations.

Classification

Scanner 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Active Directory Domain Services (AD DS)

Auth required

Prerequisites: Access to a Windows system with PowerShell · Active Directory module availability

MITRE ATT&CK

T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810

Scores

CVSS v3 7.5

EPSS 0.0209

EPSS Percentile 79.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-284

Status published

Products (18)

microsoft/windows_10_1507 < 10.0.10240.20978 (2 CPE variants)

microsoft/windows_10_1607 < 10.0.14393.7969 (2 CPE variants)

microsoft/windows_10_1809 < 10.0.17763.7136 (2 CPE variants)

microsoft/windows_10_21h2 < 10.0.19044.5737

microsoft/windows_10_22h2 < 10.0.19045.5737

microsoft/windows_11_22h2 < 10.0.22621.5189

microsoft/windows_11_23h2 < 10.0.22631.5189

microsoft/windows_11_24h2 < 10.0.26100.3775

microsoft/windows_server_2008

microsoft/windows_server_2008 r2 sp1

... and 8 more

Published Apr 08, 2025

Tracked Since Feb 18, 2026