Return to CVE list

CVE-2025-24054

6.5
Medium

Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

secure@microsoft.com
Analyzed
View on MITREFind on GitHub

Description

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

Exploits

522802025-05-01localWindows

Microsoft - NTLM Hash Disclosure Spoofing (library-ms)

By hyp3rlinx

References

secure@microsoft.com
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2025/Apr/28