PT-2025-24836 · Microsoft · Local Security Authority Subsystem Service +1

Or Yair

Published

2025-06-10

Updated

2025-08-11

CVE-2025-32724

Report an issue

CVSS v2.0

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions:

Windows Local Security Authority Subsystem Service (LSASS) (affected versions not specified)

Description:

The issue concerns uncontrolled resource consumption in the Windows Local Security Authority Subsystem Service (LSASS), allowing an unauthorized attacker to deny service over a network.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2025-06862

CVE-2025-32724

Affected Products

Windows

Local Security Authority Subsystem Service

PT-2025-24836 · Microsoft · Local Security Authority Subsystem Service +1

Weakness Enumeration

Related Identifiers

Affected Products

References · 10