THREATOPS
THREAT OPSCVEs › CVE-2025-24054

CVE-2025-24054 — Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.

Vulnerability details