CVE-2025-21311 exploits a flaw in NTLMv1 authentication allowing privilege escalation to SYSTEM. Disable NTLMv1 across the domain via Group Policy and apply the January 2025 patches. This is particularly dangerous in environments with legacy systems that still negotiate NTLMv1.
Windows NTLM V1 Elevation of Privilege Vulnerability allows an attacker who successfully exploited this vulnerability to gain SYSTEM privileges.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →