Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2025-29954

Опубликовано: 07 авг. 2025
Источник: msrc
CVSS3: 5.9
EPSS Низкий

Описание

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data.

Are there additional actions I need to take to harden my system against unauthenticated RPC calls?

Possibly. Refer to KB5066014—Netlogon RPC Hardening (CVE-2025-49716) - Microsoft Support for additional follow-up actions you might need to take.

Обновления

ПродуктСтатьяОбновление
Windows Server 2008 for 32-bit Systems Service Pack 2
50584495058429
Monthly RollupSecurity Only
Windows Server 2008 for x64-based Systems Service Pack 2
50584495058429
Monthly RollupSecurity Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
50584495058429
Monthly RollupSecurity Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
50584305058454
Monthly RollupSecurity Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1
50584305058454
Monthly RollupSecurity Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
50584495058429
Monthly RollupSecurity Only
Windows Server 2012
5058451
Monthly Rollup
Windows Server 2012 (Server Core installation)
5058451
Monthly Rollup
Windows Server 2012 R2
5058403
Monthly Rollup
Windows Server 2012 R2 (Server Core installation)
5058403
Monthly Rollup

Показывать по

Возможность эксплуатации

Publicly Disclosed

No

Exploited

No

Latest Software Release

Exploitation Unlikely

EPSS

Процентиль: 65%
0.00503
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-29954

CVSS3: 5.9
nvd
7 месяцев назад

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

github логотип

GHSA-vfg9-gh45-wrq2

CVSS3: 5.9
github
7 месяцев назад

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

fstec логотип

BDU:2025-05576

CVSS3: 5.9
fstec
7 месяцев назад

Уязвимость реализации протокола службы каталогов LDAP (Lightweight Directory Access Protocol) операционных систем Microsoft Windows, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 65%
0.00503
Низкий

5.9 Medium

CVSS3