CVE-2025-24054 - Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

Project: Microsoft

Product: Windows

Date Added: 2025-04-17

Due Date: 2025-05-08

Vulnerability Name

Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

Description

Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054

https://nvd.nist.gov/vuln/detail/CVE-2025-24054

Related News Articles

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (April 18, 2025)

Windows NTLM hash leak flaw exploited in phishing attacks on governments (April 18, 2025)