Plattform
windows
Komponente
windows-kerberos
Behoben in
10.0.26100.4946
10.0.26100.4946
CVE-2025-53779 describes a relative path traversal vulnerability discovered in Windows Kerberos. This flaw allows an authenticated attacker to potentially escalate their privileges within a network environment. The vulnerability impacts Windows Kerberos versions ranging from 10.0.26100.0 to 10.0.26100.4946. Microsoft has released a security update to address this issue.
The path traversal vulnerability in Windows Kerberos allows an attacker who has already gained some level of access to the system to manipulate file paths and potentially access sensitive data or execute arbitrary code. An attacker could exploit this to read configuration files, access credentials, or even modify system files. The impact is particularly severe in environments where Kerberos is used for authentication and authorization, as a successful exploitation could lead to widespread privilege escalation and compromise of network resources. This vulnerability shares similarities with other path traversal exploits where attackers leverage improper input validation to navigate outside of intended directories.
CVE-2025-53779 was published on 2025-08-12. The vulnerability's severity is rated HIGH (7.2 CVSS). There are currently no publicly known proof-of-concept exploits available, but the nature of path traversal vulnerabilities suggests that exploitation is likely once a suitable exploit is developed. It is not currently listed on the CISA KEV catalog.
Organizations heavily reliant on Kerberos authentication, particularly those with legacy systems or complex domain configurations, are at higher risk. Environments with weak access controls or insufficient network segmentation are also more vulnerable. Systems with outdated Kerberos configurations or those that have not been regularly patched are particularly susceptible to exploitation.
• windows / supply-chain:
Get-WinEvent -LogName Security -Filter "EventID = 4625 -MessageText '*\\'"• windows / supply-chain:
Get-Process | Where-Object {$_.Path -match '\\'} | Select-Object Name, Path• windows / supply-chain:
Get-ScheduledTask | Where-Object {$_.Actions.Path -match '\\'} | Select-Object TaskName, Actions.Pathdisclosure
Exploit-Status
EPSS
0.45% (64% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-53779 is to upgrade to Windows Kerberos version 10.0.26100.4946 or later. If immediate patching is not feasible, consider implementing stricter access controls and network segmentation to limit the potential blast radius of a successful attack. Review and harden Kerberos configuration settings, paying close attention to authentication policies and access permissions. Monitor network traffic for unusual file access patterns that might indicate exploitation attempts. After upgrade, confirm by verifying the Kerberos version using Get-KerberosVersion in PowerShell.
Aplique la actualización de seguridad proporcionada por Microsoft para Windows Server 2025. La actualización corrige la vulnerabilidad de elevación de privilegios en Kerberos.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-53779 is a path traversal vulnerability in Windows Kerberos allowing an authenticated attacker to elevate privileges. It affects versions 10.0.26100.0 through 10.0.26100.4946 and has a CVSS score of 7.2 (HIGH).
If you are running Windows versions 10.0.26100.0 to 10.0.26100.4946 and utilize Kerberos authentication, you are potentially affected by this vulnerability. Check your system versions against the affected range.
The recommended fix is to upgrade to Windows version 10.0.26100.4946 or later. If immediate patching is not possible, implement network segmentation and review Kerberos configurations.
As of August 12, 2025, there are no confirmed reports of active exploitation of CVE-2025-53779. However, the vulnerability is publicly known and could be targeted in the future.
Refer to the official Microsoft Security Update Guide for CVE-2025-53779 when it is published. Check the Microsoft Security Response Center website for updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.