Windows Storage 0-Day Vulnerability Let Attackers Delete The Target Files Remotely
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems.
This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025, and is classified as an Elevation of Privilege vulnerability with a severity rating of “Important.”
CVE-2025-21391 exploits a flaw known as “Improper Link Resolution Before File Access” (CWE-59), which enables attackers to manipulate file access permissions.
The vulnerability’s CVSS score is 7.1, indicating a moderate to high risk.
The attack vector is local (AV:L), with low attack complexity (AC:L) and low privileges required (PR:L), meaning that an attacker does not need extensive resources or permissions to exploit this vulnerability.
Microsoft researchers noted that the CVSS metrics highlight that while there is no loss of confidentiality (C:N), the impact on integrity (I:H) and availability (A:H) is significant.
This means that although sensitive information cannot be accessed, attackers can delete critical files, potentially disrupting system operations.
Exploitability and Impact
The vulnerability has been exploited in the wild, as indicated by the “Exploitation Detected” status.
Successful exploitation allows attackers to delete targeted files, which could lead to service unavailability if critical system files are affected.
This vulnerability affects various Windows versions, including Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows 10 (versions 1607, 1809, 21H2, and 22H2), and Windows 11 (version 22H2). Both x64 and ARM64 architectures are impacted.
To protect against this vulnerability, users are advised to apply the latest “Microsoft Patch Tuesday February 2025 update,” from Microsoft.
Users should prioritize updating their systems to prevent potential exploitation and ensure the integrity and availability of their data.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Windows Storage 0-Day Vulnerability Let Attackers Delete The Target Files Remotely
Author: Tushar Subhra DuttaA significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems.
This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025, and is classified as an Elevation of Privilege vulnerability with a severity rating of “Important.”
CVE-2025-21391 exploits a flaw known as “Improper Link Resolution Before File Access” (CWE-59), which enables attackers to manipulate file access permissions.
The vulnerability’s CVSS score is 7.1, indicating a moderate to high risk.
The attack vector is local (AV:L), with low attack complexity (AC:L) and low privileges required (PR:L), meaning that an attacker does not need extensive resources or permissions to exploit this vulnerability.
Microsoft researchers noted that the CVSS metrics highlight that while there is no loss of confidentiality (C:N), the impact on integrity (I:H) and availability (A:H) is significant.
This means that although sensitive information cannot be accessed, attackers can delete critical files, potentially disrupting system operations.
Exploitability and Impact
The vulnerability has been exploited in the wild, as indicated by the “Exploitation Detected” status.
Successful exploitation allows attackers to delete targeted files, which could lead to service unavailability if critical system files are affected.
This vulnerability affects various Windows versions, including Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows 10 (versions 1607, 1809, 21H2, and 22H2), and Windows 11 (version 22H2). Both x64 and ARM64 architectures are impacted.
To protect against this vulnerability, users are advised to apply the latest “Microsoft Patch Tuesday February 2025 update,” from Microsoft.
Users should prioritize updating their systems to prevent potential exploitation and ensure the integrity and availability of their data.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
