プラットフォーム
windows
コンポーネント
windows-search-service
修正版
10.0.17763.6775
10.0.19044.5371
10.0.19045.5371
10.0.22621.4751
10.0.22631.4751
10.0.22631.4751
10.0.26100.2894
10.0.17763.6775
10.0.17763.6775
10.0.20348.3091
10.0.25398.1369
10.0.26100.2894
10.0.26100.2894
CVE-2025-21292 describes an elevation of privilege vulnerability within the Windows Search Service. Successful exploitation could allow an attacker to gain higher-than-expected system privileges. This vulnerability impacts Windows versions up to and including 10.0.26100.2894, and a patch is available.
This vulnerability allows a local attacker to escalate their privileges on a targeted system. An attacker could potentially gain control over the entire system, install malicious software, steal sensitive data, or disrupt operations. The impact is particularly severe in environments where user accounts have limited privileges, as exploitation could bypass these security controls. While the vulnerability requires local access, it represents a significant risk in scenarios involving insider threats or compromised user accounts.
CVE-2025-21292 was publicly disclosed on January 14, 2025. The vulnerability's severity is rated HIGH with a CVSS score of 8.8. No public proof-of-concept exploits are currently known, and there's no indication of active exploitation campaigns. It is not currently listed on the CISA KEV catalog.
Organizations running Windows 10 versions prior to 10.0.26100.2894 are at risk, particularly those with a large number of user accounts or systems with limited privilege configurations. Environments where local administrative access is frequently granted to non-administrative users are also at increased risk.
• windows / supply-chain:
Get-WinEvent -LogName Security -Filter "EventID = 4688 -MessageText '*\Windows Search*'">• windows / supply-chain:
Get-Process | Where-Object {$_.ProcessName -like '*searchindexer*'}• windows / supply-chain: Check Autoruns for unusual entries related to the Windows Search Service. • windows / supply-chain: Monitor Windows Defender for alerts related to privilege escalation attempts involving the Windows Search Service.
disclosure
エクスプロイト状況
EPSS
0.55% (68% パーセンタイル)
CISA SSVC
CVSS ベクトル
The primary mitigation for CVE-2025-21292 is to upgrade to Windows version 10.0.26100.2894 or later, which includes the security patch. If immediate patching is not possible, consider implementing least privilege principles to limit the potential impact of a successful exploit. Review user account permissions and restrict access to sensitive resources. Monitor system logs for suspicious activity related to the Windows Search Service.
Actualice su sistema operativo Windows a la última versión disponible a través de Windows Update. Esto instalará la versión corregida del servicio de búsqueda de Windows y solucionará la vulnerabilidad de elevación de privilegios. Asegúrese de aplicar todas las actualizaciones de seguridad tan pronto como estén disponibles.
脆弱性分析と重要アラートをメールでお届けします。
CVE-2025-21292 is a HIGH severity vulnerability in the Windows Search Service allowing attackers to gain elevated privileges. It affects Windows versions up to 10.0.26100.2894, with a CVSS score of 8.8.
You are affected if you are running Windows 10 versions at or below 10.0.26100.2894. Check your system version and apply the provided patch to mitigate the risk.
Upgrade your Windows installation to version 10.0.26100.2894 or later to receive the security patch. Ensure automatic updates are enabled to receive future security fixes.
Currently, there is no public evidence of active exploitation of CVE-2025-21292, but it's crucial to apply the patch proactively to prevent potential future attacks.
Refer to the official Microsoft Security Update Guide for CVE-2025-21292: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21292]
依存関係ファイルをアップロードすれば、このCVEや他のCVEがあなたに影響するか即座にわかります。