What is the severity of CVE-2025-24993?

CVE-2025-24993 has a critical severity rating as it allows unauthorized code execution due to a heap-based buffer overflow in Windows NTFS.

How do I fix CVE-2025-24993?

To fix CVE-2025-24993, apply the relevant security patches provided by Microsoft for the affected Windows versions.

Which Windows versions are affected by CVE-2025-24993?

CVE-2025-24993 affects various versions of Windows, including Windows Server 2008, Windows 10, Windows 11, and others.

Can CVE-2025-24993 be exploited remotely?

CVE-2025-24993 is primarily a local attack vector, allowing unauthorized local execution of code.

Are there any workarounds for CVE-2025-24993 before applying patches?

Currently, there are no specific workarounds for CVE-2025-24993, so applying the necessary patches is recommended.

Vulnerability/
CVE-2025-24993

Exploited

high

7.8

CWE

119 122

11/3/2025

12/3/2025

CVE-2025-24993: Windows NTFS Remote Code Execution Vulnerability

First published: Tue Mar 11 2025(Updated: )

<p>Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.</p>

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=1607	fix available externally
Windows 11	=22H2	fix available externally
Microsoft Windows Server		fix available externally fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=1809	fix available externally
Windows 11	=22H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows Server		fix available externally
Windows 11	=24H2	fix available externally fix available externally
Microsoft Windows Server 2022 23H2		fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows 10	=1809	fix available externally
Windows 11	=23H2	fix available externally
Windows 11	=24H2	fix available externally fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2025		fix available externally fix available externally
Microsoft Windows Server		fix available externally fix available externally
Windows 11	=23H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2025		fix available externally fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server		fix available externally fix available externally
Microsoft Windows Server		fix available externally fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows
	=1809	fix available externally
	=1809	fix available externally
		fix available externally
		fix available externally
		fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally
		fix available externally
		fix available externally
	=1607	fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally
	=1607	fix available externally
		fix available externally fix available externally
		fix available externally
		fix available externally fix available externally
		fix available externally
	=24H2	fix available externally fix available externally
	=24H2	fix available externally fix available externally
	=23H2	fix available externally
		fix available externally
		fix available externally fix available externally
	=23H2	fix available externally
	=22H2	fix available externally
	=22H2	fix available externally
	=22H2	fix available externally
	=22H2	fix available externally
	=22H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
		fix available externally fix available externally
		fix available externally fix available externally
		fix available externally

Remedy

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2025-24993?
CVE-2025-24993 has a critical severity rating as it allows unauthorized code execution due to a heap-based buffer overflow in Windows NTFS.
How do I fix CVE-2025-24993?
To fix CVE-2025-24993, apply the relevant security patches provided by Microsoft for the affected Windows versions.
Which Windows versions are affected by CVE-2025-24993?
CVE-2025-24993 affects various versions of Windows, including Windows Server 2008, Windows 10, Windows 11, and others.
Can CVE-2025-24993 be exploited remotely?
CVE-2025-24993 is primarily a local attack vector, allowing unauthorized local execution of code.
Are there any workarounds for CVE-2025-24993 before applying patches?
Currently, there are no specific workarounds for CVE-2025-24993, so applying the necessary patches is recommended.

collector/mitre-cve
source/MITRE
collector/msrc-cve
source/Microsoft
exploited/true
agent/title
agent/type
agent/software-canonical-lookup
collector/msrc
agent/software-canonical-lookup-request
collector/cisa-known-exploited
source/CISA
agent/remedy
agent/first-publish-date
collector/nvd-api
source/NVD
agent/weakness
agent/last-modified-date
agent/author
agent/description
collector/nvd-cve
agent/softwarecombine
collector/the-register
source/The Register
alias/CVE-2025-24993
alias/CVE-2025-24991
alias/CVE-2025-24984
alias/CVE-2025-24985
alias/CVE-2025-24983
alias/CVE-2025-26633
alias/CVE-2025-24035
alias/CVE-2025-24045
alias/CVE-2025-26645
alias/CVE-2025-24057
alias/CVE-2025-24064
alias/CVE-2025-24084
alias/CVE-2025-26630
alias/CVE-2025-24201
alias/CVE-2024-50302
alias/CVE-2024-43093
agent/news-ai
zeroday/true
agent/references
agent/severity
agent/source
agent/tags
agent/event
agent/trending
vendor/microsoft
canonical/microsoft windows server 2012 r2
canonical/windows 11
version/windows 11/22h2
canonical/microsoft windows 10
version/microsoft windows 10/1607
canonical/microsoft windows server
version/microsoft windows 10/21h2
canonical/microsoft windows server 2019
version/microsoft windows 10/1809
canonical/microsoft windows server 2022
version/windows 11/24h2
canonical/microsoft windows server 2022 23h2
version/windows 11/23h2
version/microsoft windows 10/22h2
canonical/microsoft windows server 2008 r2
canonical/microsoft windows server 2025
canonical/microsoft windows server 2016
canonical/microsoft windows