External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS Details
- CVSS 3.1 Base Score: 6.5
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Microsoft Windows | microsoft-windows-windows_10-1507-kb5053618microsoft-windows-windows_10-1607-kb5053594microsoft-windows-windows_10-1809-kb5053596microsoft-windows-windows_10-21h2-kb5053606microsoft-windows-windows_10-22h2-kb5053606microsoft-windows-windows_11-22h2-kb5053602microsoft-windows-windows_11-23h2-kb5053602microsoft-windows-windows_11-24h2-kb5053598microsoft-windows-windows_server_2012-kb5053886microsoft-windows-windows_server_2012_r2-kb5053887microsoft-windows-windows_server_2016-1607-kb5053594microsoft-windows-windows_server_2019-1809-kb5053596microsoft-windows-windows_server_2022-21h2-kb5053603microsoft-windows-windows_server_2022-22h2-kb5053603microsoft-windows-windows_server_2022-23h2-kb5053599microsoft-windows-windows_server_2025-24h2-kb5053598 | Mar 11, 2025 | Mar 11, 2025 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub