CVE-2025-21333

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Basic Information

CVE State: PUBLISHED
Reserved Date: December 11, 2024
Published Date: January 14, 2025
Last Updated: April 02, 2025
Vendor: Microsoft
Product: Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025
Description: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2025-01-14 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2025-02-27 12:36:55 UTC) Source

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21333

Known Exploited Vulnerability Information

Source	Added Date
CISA	2025-01-14 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

aleongx/KQL_sentinel_CVE-2025-21333

Type: github • Created: 2025-03-11 17:32:07 UTC • Stars: 0

KQL para deteccion de CVE-2025-21333 en Sentinel

MrAle98/CVE-2025-21333-POC

Type: github • Created: 2025-02-27 12:36:55 UTC • Stars: 186

POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY