PT-2025-7540 · Microsoft · Bing

Nicolas Joly · Published 2025-02-19 · Updated 2025-03-12 · CVE-2025-21355

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Microsoft Bing (affected versions not specified)

Description

The issue is missing authentication for a critical function in Microsoft Bing, which allows an unauthorized attacker to execute code over a network. It stems from inadequate authentication mechanisms in a critical Bing service component. The estimated number of potentially affected devices worldwide is not provided. There are reports that the vulnerability was actively exploited in real-world incidents.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability. However, Microsoft has reportedly addressed the critical security flaw, and users of this service do not need to take any action, as the vulnerability has already been fully mitigated by Microsoft.

RCE

Missing Authentication

Weakness Enumeration

Related Identifiers

BDU:2025-01962
CVE-2025-21355

Affected Products

Bing