PT-2025-36882 · Microsoft · Windows
Bryan De Houwer · Published 2025-09-09 · Updated 2026-03-01
CVE-2025-54918
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Windows NTLM versions prior to the fix included in CVE-2025-54918
Description
An improper authentication issue exists in Windows NTLM, stemming from deficiencies in the authentication procedure of the NTLM protocol. It allows an authorized remote attacker to elevate privileges over a network. The vulnerability allows reflection of RPC to LDAPS, from a standard user to a domain administrator. The issue was addressed by ensuring the Message Integrity Check (MIC) is always calculated, even if Type3 is empty.
Recommendations
Apply the fix included in CVE-2025-54918.
Fix
LPE
Improper Authentication
Affected Products
Windows