CVE-2026-25177

HIGH

Active Directory Domain Services - Privilege Escalation

Title source: llm

Description

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Exploits (2)

github SCANNER 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-25177

View Code ZIP pw:eip

nomisec FAILED

by danaug23 · poc

https://github.com/danaug23/detect_CVE-2026-25177

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25177

Scores

CVSS v3 8.8

EPSS 0.0006

EPSS Percentile 17.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-641

Status published

Products (37)

microsoft/windows_10_1607 < 10.0.14393.8957 (2 CPE variants)

microsoft/windows_10_1809 < 10.0.17763.8511 (2 CPE variants)

microsoft/windows_10_21h2 < 10.0.19044.7058 (3 CPE variants)

microsoft/windows_10_22h2 < 10.0.19045.7058 (3 CPE variants)

Microsoft/Windows 10 Version 1607 10.0.14393.0 - 10.0.14393.8957

Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.8511

Microsoft/Windows 10 Version 21H2 10.0.19044.0 - 10.0.19044.7058

Microsoft/Windows 10 Version 22H2 10.0.19045.0 - 10.0.19045.7058

microsoft/windows_11_23h2 < 10.0.22631.6783 (2 CPE variants)

microsoft/windows_11_24h2 < 10.0.26100.7979 (2 CPE variants)

... and 27 more

Published Mar 10, 2026

Tracked Since Mar 11, 2026