CVE-2025-59214

MEDIUM

Microsoft Windows 10 1507 < 10.0.10240.21161 - Information Disclosure

Title source: rule

Description

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Exploits (1)

github WORKING POC 52 stars

by rubenformation · powershellpoc

https://github.com/rubenformation/CVE-2025-50154

View Code ZIP pw:eip

References (5)

[Various Sources] https://cymulate.com/blog/ntlm-leak-cve-2025-59214/

[Various Sources] https://github.com/rubenformation/CVE-2025-50154/

View Exploit ZIP pw:eip

[Various Sources] https://www.vicarius.io/vsociety/posts/cve-2025-59214-detection-script-windows-file-explorer-spoofing-vulnerability

[Various Sources] https://www.vicarius.io/vsociety/posts/cve-2025-59214-mitigation-script-windows-file-explorer-spoofing-vulnerability

[Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59214

Scores

CVSS v3 6.5

EPSS 0.0013

EPSS Percentile 32.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (44)

microsoft/windows_10_1507 < 10.0.10240.21161 (2 CPE variants)

microsoft/windows_10_1607 < 10.0.14393.8519 (2 CPE variants)

microsoft/windows_10_1809 < 10.0.17763.7919 (2 CPE variants)

microsoft/windows_10_21h2 < 10.0.19044.6456

microsoft/windows_10_22h2 < 10.0.19045.6456

Microsoft/Windows 10 Version 1507 10.0.10240.0 - 10.0.10240.21161

Microsoft/Windows 10 Version 1607 10.0.14393.0 - 10.0.14393.8519

Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.7919

Microsoft/Windows 10 Version 21H2 10.0.19044.0 - 10.0.19044.6456

Microsoft/Windows 10 Version 22H2 10.0.19045.0 - 10.0.19045.6456

... and 34 more

Published Oct 14, 2025

Tracked Since Feb 18, 2026