PT-2025-1145 · Microsoft+1 · Windows Ntlm V1+2

Dylan Bickerstaff

Published

2025-01-14

Updated

2025-10-11

CVE-2025-21311

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows NTLM V1 (affected versions not specified)

Description The issue is related to an elevation-of-privilege vulnerability in the implementation of the NTLMv1 protocol in Windows operating systems. This vulnerability is associated with weaknesses in the authentication procedure. Exploitation of the vulnerability may allow a remote attacker to elevate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-303

Related Identifiers

BDU:2025-00424

CVE-2025-21311

Affected Products

Debian

Windows

Windows Ntlm V1

PT-2025-1145 · Microsoft+1 · Windows Ntlm V1+2

CVE-2025-21311

Weakness Enumeration

Related Identifiers

Affected Products

References · 21