प्लेटफ़ॉर्म
windows
घटक
windows-web-threat-defense-user-service
में ठीक किया गया
10.0.22621.4751
10.0.22631.4751
10.0.22631.4751
10.0.26100.2894
CVE-2025-21343 is an Information Disclosure vulnerability affecting the Windows Web Threat Defense User Service. This flaw allows attackers to potentially expose sensitive information stored within the service. The vulnerability impacts Windows versions 10.0.22621.0 through 10.0.26100.2894. Microsoft has released a security update to address this issue.
Successful exploitation of CVE-2025-21343 could allow an attacker to gain unauthorized access to sensitive data processed by the Windows Web Threat Defense User Service. The specific data exposed depends on the service's configuration and the data it handles, but could include user credentials, network configurations, or other confidential information. While the vulnerability is classified as Information Disclosure, the potential for data compromise could lead to further attacks, such as privilege escalation or data exfiltration. The blast radius is limited to systems running the affected versions of Windows and utilizing the Web Threat Defense User Service.
CVE-2025-21343 was publicly disclosed on January 14, 2025. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog as of this writing. The CVSS score of 7.5 (High) indicates a significant potential for exploitation if a suitable exploit is developed and released.
Organizations utilizing the Windows Web Threat Defense User Service, particularly those with legacy Windows 10 deployments or those who have not consistently applied security updates, are at increased risk. Systems with weak network segmentation or inadequate monitoring capabilities are also more vulnerable.
• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='Microsoft-Windows-WebThreatDefenseUserService']]]" | Where-Object {$_.Level -eq 2}• windows / supply-chain:
Get-Process -Name WebThreatDefenseUserSvc -ErrorAction SilentlyContinue• windows / supply-chain:
Get-ScheduledTask | Where-Object {$_.TaskName -like '*WebThreatDefense*'} | Format-List TaskName, Statedisclosure
एक्सप्लॉइट स्थिति
EPSS
5.39% (90% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation for CVE-2025-21343 is to upgrade to Windows version 10.0.26100.2894 or later, which includes the security update that resolves the vulnerability. If immediate patching is not feasible, consider implementing network segmentation to limit the potential impact of a successful exploit. Monitor network traffic for unusual activity related to the Web Threat Defense User Service. While no specific WAF rules are available, general rules to detect unusual data access patterns could be helpful.
Actualice a la última versión de Windows 11 para obtener la corrección de seguridad. La actualización se puede realizar a través de Windows Update en la configuración del sistema.
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2025-21343 is a high-severity vulnerability in the Windows Web Threat Defense User Service that allows attackers to potentially expose sensitive information. It affects Windows versions 10.0.22621.0–10.0.26100.2894.
You are affected if you are running Windows versions 10.0.22621.0 through 10.0.26100.2894 and have the Windows Web Threat Defense User Service enabled.
Upgrade to Windows version 10.0.26100.2894 or later to apply the security update that resolves this vulnerability.
As of the current date, there are no known public exploits or active campaigns targeting CVE-2025-21343.
Refer to the Microsoft Security Update Guide for CVE-2025-21343: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21343](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21343)
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।