Описание
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-50154
- https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154
- https://github.com/rubenformation/CVE-2025-50154
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-50154
- https://www.vicarius.io/vsociety/posts/cve-2025-50154-detection-script-zero-click-windows-file-explorer-spoofing-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-50154-mitigation-script-zero-click-windows-file-explorer-spoofing-vulnerability
Связанные уязвимости
CVSS3: 6.5
nvd
3 месяца назад
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
CVSS3: 6.5
msrc
около 2 месяцев назад
Microsoft Windows File Explorer Spoofing Vulnerability
CVSS3: 7.5
fstec
3 месяца назад
Уязвимость проводника Windows (Windows File Explorer) операционных систем Windows, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации