CVE-2025-24993 vulnerability in Microsoft Products
Published on March 11, 2025

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Vendor Advisory NVD

Known Exploited Vulnerability

This Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that could allow an authorized attacker to execute code locally.

The following remediation steps are recommended / required by April 1, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2025-24993 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Products Associated with CVE-2025-24993

You can be notified by stack.watch whenever vulnerabilities like CVE-2025-24993 are published in these products:

Microsoft Windows Server 2008

Microsoft Windows Server 2012

Microsoft Windows Server 2016

Microsoft Windows Server 2019

Microsoft Windows 10 1507

Microsoft Windows Server 2022 23h2

Microsoft Windows Server 2025

Microsoft Windows 10

Microsoft Windows 11

Microsoft Windows 11 23h2

Microsoft Windows 11 24h2

Microsoft Windows Server 2022

What versions are vulnerable to CVE-2025-24993?