CVE-2025-55234
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-10-17
Assigner: Microsoft Corporation
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | windows_10_1507 | to 10.0.10240.21128 (exc) |
| microsoft | windows_10_1607 | to 10.0.14393.8422 (exc) |
| microsoft | windows_10_1809 | to 10.0.17763.7792 (exc) |
| microsoft | windows_10_21h2 | to 10.0.19044.6332 (exc) |
| microsoft | windows_10_22h2 | to 10.0.19045.6332 (exc) |
| microsoft | windows_11_22h2 | to 10.0.22621.5909 (exc) |
| microsoft | windows_11_23h2 | to 10.0.22631.5909 (exc) |
| microsoft | windows_11_24h2 | to 10.0.26100.6508 (exc) |
| microsoft | windows_server_2008 | * |
| microsoft | windows_server_2008 | r2 |
| microsoft | windows_server_2012 | * |
| microsoft | windows_server_2012 | r2 |
| microsoft | windows_server_2016 | to 10.0.14393.8422 (exc) |
| microsoft | windows_server_2019 | to 10.0.17763.7792 (exc) |
| microsoft | windows_server_2022 | to 10.0.20348.4106 (exc) |
| microsoft | windows_server_2022_23h2 | to 10.0.25398.1849 (exc) |
| microsoft | windows_server_2025 | to 10.0.26100.6508 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the SMB Server being susceptible to relay attacks depending on its configuration. An attacker who successfully exploits this can perform relay attacks that may lead to elevation of privilege attacks on users. Microsoft provides audit capabilities to help assess environments and identify potential incompatibilities before deploying SMB Server hardening measures such as SMB Server signing and SMB Server Extended Protection for Authentication (EPA).
How can this vulnerability impact me?
If exploited, this vulnerability can allow attackers to perform relay attacks that may result in elevation of privilege attacks, potentially compromising user accounts and system security. This could lead to unauthorized access and control over affected systems.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by utilizing the audit capabilities introduced in the September 2025 security updates for SMB Server. These audit features help assess your environment and identify potential device or software incompatibility issues related to SMB Server hardening against relay attacks. Specific commands are not provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
Immediate steps include assessing your environment using the audit capabilities provided in the September 2025 security updates, and adopting appropriate SMB Server hardening measures such as enabling SMB Server signing and SMB Server Extended Protection for Authentication (EPA).