Multiple vulnerabilities in Microsoft Windows Telephony Service
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 28 |
| CVE-ID | CVE-2025-21246 CVE-2025-21244 CVE-2025-21266 CVE-2025-21236 CVE-2025-21245 CVE-2025-21248 CVE-2025-21238 CVE-2025-21286 CVE-2025-21233 CVE-2025-21411 CVE-2025-21240 CVE-2025-21223 CVE-2025-21305 CVE-2025-21241 CVE-2025-21282 CVE-2025-21250 CVE-2025-21302 CVE-2025-21237 CVE-2025-21273 CVE-2025-21252 CVE-2025-21417 CVE-2025-21303 CVE-2025-21243 CVE-2025-21306 CVE-2025-21339 CVE-2025-21239 CVE-2025-21409 CVE-2025-21413 |
| CWE-ID | CWE-122 CWE-190 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 28 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU102603
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21246
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer overflow
EUVDB-ID: #VU102633
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21244
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21244
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU102632
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21266
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21266
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer overflow
EUVDB-ID: #VU102631
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21236
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21236
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU102630
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21245
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21245
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU102629
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21248
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2016 10.0.14393.10 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Heap-based buffer overflow
EUVDB-ID: #VU102628
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21238
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21238
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Heap-based buffer overflow
EUVDB-ID: #VU102627
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21286
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21286
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Heap-based buffer overflow
EUVDB-ID: #VU102626
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21233
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21233
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Heap-based buffer overflow
EUVDB-ID: #VU102625
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21411
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21411
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Heap-based buffer overflow
EUVDB-ID: #VU102624
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21240
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Heap-based buffer overflow
EUVDB-ID: #VU102623
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21223
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21223
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Heap-based buffer overflow
EUVDB-ID: #VU102622
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21305
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21305
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Heap-based buffer overflow
EUVDB-ID: #VU102621
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21241
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2016 10.0.14393.10 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Heap-based buffer overflow
EUVDB-ID: #VU102620
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21282
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21282
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Heap-based buffer overflow
EUVDB-ID: #VU102619
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21250
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21250
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Heap-based buffer overflow
EUVDB-ID: #VU102618
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21302
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21302
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Heap-based buffer overflow
EUVDB-ID: #VU102614
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21237
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21237
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Heap-based buffer overflow
EUVDB-ID: #VU102613
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21273
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21273
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Heap-based buffer overflow
EUVDB-ID: #VU102612
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21252
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21252
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Heap-based buffer overflow
EUVDB-ID: #VU102611
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21417
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21417
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Heap-based buffer overflow
EUVDB-ID: #VU102610
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21303
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21303
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Integer overflow
EUVDB-ID: #VU102609
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21243
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21243
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Heap-based buffer overflow
EUVDB-ID: #VU102608
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21306
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21306
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Heap-based buffer overflow
EUVDB-ID: #VU102607
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21339
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can trick a victim to connect to a malicious server, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21339
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Heap-based buffer overflow
EUVDB-ID: #VU102606
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21239
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2016 10.0.14393.10 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21239
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Heap-based buffer overflow
EUVDB-ID: #VU102605
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21409
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21409
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Heap-based buffer overflow
EUVDB-ID: #VU102604
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-21413
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Windows Telephony Service. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 21H2 10.0.19041.3920 - 11 24H2 10.0.26100.2894
Windows Server: 2008 R2 SP1 - 2025 10.0.26100.2605
CPE2.3- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.5247:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.20857:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.7606:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.6659:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_22H2:10.0.22621.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_23H2:10.0.22631.4602:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:11_24H2:10.0.26100.2894:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:6.0.6003.23016:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:6.2.9200.25222:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.7699:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022_23H2:10.0.25398.1308:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2025:10.0.26100.2605:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-21413
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
