CVE-2025-21333 - Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Project:Microsoft
Product:Windows
Date Added:2025-01-14Due Date:2025-02-04
Vulnerability Name
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Description
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21333
https://nvd.nist.gov/vuln/detail/CVE-2025-21333
Related News Articles
3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security UpdateJanuary 15, 2025
Microsoft Rings in 2025 With Record Security UpdateJanuary 15, 2025
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flawsJanuary 15, 2025