CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability

Overview

Severity

Medium (CVSS 6.5)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2025-Mar

Released

2025-03-11

Last Updated

2025-04-03

EPSS Score

57.65% (percentile: 98.2%)

Description

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would need to be tricked into opening a folder that contains a specially crafted file.

Known Exploits (21)

• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-12-21T22:56:55Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-12-16T00:20:36Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-12-10T05:41:26Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-07-05T09:22:29Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-06-13T05:08:22Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-06-09T09:05:59Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-06-09T06:47:14Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-05-28T00:21:32Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-05-27T13:20:23Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-05-26T01:01:17Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-04-22T13:04:41Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-04-21T20:05:07Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-04-18T11:17:48Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-29T18:00:29Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-27T14:36:29Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-27T09:49:54Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-27T08:32:38Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-21T02:43:32Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-19T21:37:54Z
• Microsoft Windows Exposure of Sensitive Information to an Unauthorized Actor — added 2025-03-18T14:43:28Z

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 20 repositories

Affected Products (29)

Windows

• Windows 10 Version 1809 for 32-bit Systems
• Windows 10 Version 1809 for x64-based Systems
• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows 10 Version 21H2 for 32-bit Systems
• Windows 10 Version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for x64-based Systems
• Windows Server 2025 (Server Core installation)
• Windows 11 Version 23H2 for ARM64-based Systems
• Windows 11 Version 23H2 for x64-based Systems
• Windows Server 2022, 23H2 Edition (Server Core installation)
• Windows 11 Version 24H2 for ARM64-based Systems
• Windows 11 Version 24H2 for x64-based Systems
• Windows Server 2025
• Windows 10 for 32-bit Systems
• Windows 10 for x64-based Systems
• Windows 10 Version 1607 for 32-bit Systems
• Windows 10 Version 1607 for x64-based Systems
• Windows Server 2016
• Windows Server 2016 (Server Core installation)

ESU

• Windows 11 Version 22H2 for ARM64-based Systems
• Windows 11 Version 22H2 for x64-based Systems
• Windows 10 Version 22H2 for x64-based Systems
• Windows 10 Version 22H2 for ARM64-based Systems
• Windows 10 Version 22H2 for 32-bit Systems
• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)

Security Updates (9)

• 5053596
• 5053603
• 5053606
• 5053602
• 5053598
• 5053599
• 5053618
• 5053594
• 5053887

Acknowledgments

<a href="https://www.facebook.com/skorikjr">SkorikARI</a> with SkorikARI, <a href="https://x9090.x.com/">Wayne Low of Synapxe</a>

Revision History

• 2025-03-11: Information published.
• 2025-04-03: Added an FAQ and updated the CVSS score. This is an informational change only.