vulnerability

Microsoft Windows: CVE-2025-29971: Web Threat Defense (WTD.sys) Denial of Service Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	May 13, 2025	May 13, 2025	May 8, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

May 13, 2025

Added

May 13, 2025

Modified

May 8, 2026

Description

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.

Solutions

microsoft-windows-windows_11-22h2-kb5058405microsoft-windows-windows_11-23h2-kb5058405microsoft-windows-windows_11-24h2-kb5058411microsoft-windows-windows_11-24h2-kb5061258

References

CVE-2025-29971
https://attackerkb.com/topics/CVE-2025-29971
CWE-125
EUVD-EUVD-2025-14466
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-14466
https://support.microsoft.com/help/5058405
https://support.microsoft.com/help/5058411
https://support.microsoft.com/help/5061258

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report