CVE-2025-21391 - Microsoft Windows Storage Link Following Vulnerability

CVE ID:CVE-2025-21391

Project:Microsoft

Product:Windows

Date Added:2025-02-11Due Date:2025-03-04

Vulnerability Name

Microsoft Windows Storage Link Following Vulnerability

Description

Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391

https://nvd.nist.gov/vuln/detail/CVE-2025-21391

Latest Security News

Top CVE List

Top Alert List

CSP
Content Security Policy (CSP) Header Not Set
MediumAbsence of Anti-CSRF Tokens
MediumMissing Anti-clickjacking Header
InformationalInformation Disclosure - Suspicious Comments
LowCross-Domain JavaScript Source File Inclusion
MediumContent Security Policy (CSP) Header Not Set
LowTimestamp Disclosure - Unix
LowCSP: X-Content-Security-Policy
InformationalRe-examine Cache-control Directives