CVE-2025-50154
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
| Software | From | Fixed in |
|---|---|---|
| microsoft / windows_server_2008 | r2-sp1 | r2-sp1.x |
| microsoft / windows_server_2012 | r2 | r2.x |
| microsoft / windows_server_2008 | --sp2 | --sp2.x |
| microsoft / windows_11_24h2 | - | 10.0.26100.4851 |
| microsoft / windows_10_1507 | - | 10.0.10240.21100 |
| microsoft / windows_10_1607 | - | 10.0.14393.8330 |
| microsoft / windows_10_1809 | - | 10.0.17763.7678 |
| microsoft / windows_10_21h2 | - | 10.0.19044.6216 |
| microsoft / windows_10_22h2 | - | 10.0.19045.6216 |
| microsoft / windows_11_22h2 | - | 10.0.22621.5768 |
| microsoft / windows_11_23h2 | - | 10.0.22631.5768 |
| microsoft / windows_server_2016 | - | 10.0.14393.8330 |
| microsoft / windows_server_2025 | - | 10.0.26100.4851 |
| microsoft / windows_server_2019 | - | 10.0.17763.7678 |
| microsoft / windows_server_2022 | - | 10.0.20348.3989 |
| microsoft / windows_server_2022_23h2 | - | 10.0.25398.1791 |
- https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/
- https://github.com/rubenformation/CVE-2025-50154/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50154
- https://www.vicarius.io/vsociety/posts/cve-2025-50154-detection-script-zero-click-windows-file-explorer-spoofing-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-50154-mitigation-script-zero-click-windows-file-explorer-spoofing-vulnerability
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime