CVE-2025-21336

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to carefully time their actions to exploit the timing differences in the execution of specific operations. They must accurately measure these timing variations to infer sensitive information or gain unauthorized access. This often involves sophisticated techniques to manipulate and observe the timing behavior of the target system.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An attacker who successfully exploited this vulnerability could potentially execute a cross-VM attack, thereby compromising multiple virtual machines and expanding the impact of the attack beyond the initially targeted VM.

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of encrypted PKCS1 information. An attacker could read the contents of encrypted PKCS1 information from a user mode process.

Are there any additional steps that I need to follow to be protected from this vulnerability?

The changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you deployed this policy, then you'll need to redeploy using the updated policy.