CVE-2025-29954

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Windows LDAP versions prior to the fixed version

Description The issue is related to uncontrolled resource consumption in the Lightweight Directory Access Protocol (LDAP) of Microsoft Windows operating systems. This can be exploited by a remote attacker to cause a denial of service. The protocol allows an unauthorized attacker to deny service over a network.

Recommendations For Windows LDAP versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the LDAP service to minimize the risk of exploitation. Avoid using the vulnerable LDAP protocol until the issue is resolved.

Fix

DoS

Resource Exhaustion

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-770

Related Identifiers

BDU:2025-05576

CVE-2025-29954

Affected Products

Windows

Windows Ldap

CVE-2025-29954

Weakness Enumeration

Related Identifiers

Affected Products

References · 10