CVE-2025-24071

Microsoft Windows File Explorer Spoofing Vulnerability

Basic Information

CVE State: PUBLISHED
Reserved Date: January 16, 2025
Published Date: March 11, 2025
Last Updated: February 13, 2026
Vendor: Microsoft
Product: Windows 10 Version 1507, Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)
Description: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

CVSS Scores

CVSS v3.1

6.5 - MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

SSVC Information

Exploitation: none
Automatable: Yes
Technical Impact: partial

Exploit Status

Proof of Concept Available: Yes (added 2025-03-27 09:49:54 UTC) Source

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-12-02 23:02:58 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

ephunter/CVE-2025-24071-Exploit

Type: github • Created: 2025-07-07 17:56:53 UTC • Stars: 0

Exploit CVE-2025-24071

pswalia2u/CVE-2025-24071_POC

Type: github • Created: 2025-04-21 20:05:07 UTC • Stars: 0

cesarbtakeda/Windows-Explorer-CVE-2025-24071

Type: github • Created: 2025-03-29 18:00:29 UTC • Stars: 1

Marcejr117/CVE-2025-24071_PoC

Type: github • Created: 2025-03-27 14:36:29 UTC • Stars: 6

A PoC of CVE-2025-24071 / CVE-2025-24054, A windows vulnerability that allow get NTMLv2 hashes

rubbxalc/CVE-2025-24071

Type: github • Created: 2025-03-27 09:49:54 UTC • Stars: 1

ThemeHackers/CVE-2025-24071

Type: github • Created: 2025-03-27 08:32:38 UTC • Stars: 1

Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)

shacojx/CVE-2025-24071-Exploit

Type: github • Created: 2025-03-21 02:43:32 UTC • Stars: 2

Exploit CVE-2025-24071

ctabango/CVE-2025-24071_PoCExtra

Type: github • Created: 2025-03-19 21:37:54 UTC • Stars: 2

Alternativa CVE-2025-24071_PoC

aleongx/CVE-2025-24071

Type: github • Created: 2025-03-19 18:54:53 UTC • Stars: 0

Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)

FOLKS-iwd/CVE-2025-24071-msfvenom

Type: github • Created: 2025-03-18 14:43:28 UTC • Stars: 15

metasploit module for the CVE-2025-24071

0x6rss/CVE-2025-24071_PoC

Type: github • Created: 2025-03-16 20:10:19 UTC • Stars: 265

CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File

Timeline

CVE ID Reserved

January 16, 2025
CVE Published to Public

March 11, 2025
Proof of Concept Exploit Available

March 27, 2025
Added to KEVIntel

December 02, 2025