CVE-2025-55234
Last modified
CVE-2025-55234 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing SMB Server Extended Protection for Authentication (EPA) Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their environment and to identify any potential device or software incompatibility issues before deploying SMB Server hardening measures that protect against relay attacks. If you have not already enabled SMB Server hardening measures, we advise customers to take the following actions to be protected from these relay attacks: Assess your environment by utilizing the audit capabilities that we are exposing in the September 2025 security updates. EPSS estimates a 18.83% chance of exploitation in the next 30 days.
Description
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against relay attacks: SMB Server signing SMB Server Extended Protection for Authentication (EPA) Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their environment and to identify any potential device or software incompatibility issues before deploying SMB Server hardening measures that protect against relay attacks. If you have not already enabled SMB Server hardening measures, we advise customers to take the following actions to be protected from these relay attacks: Assess your environment by utilizing the audit capabilities that we are exposing in the September 2025 security updates. See Support for Audit Events to deploy SMB Server Hardening—SMB Server Signing & SMB Server EPA. Adopt appropriate SMB Server hardening measures.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Windows 10 1507 | < 10.0.10240.21128 | — |
| Microsoft | Windows 10 1607 | < 10.0.14393.8422 | — |
| Microsoft | Windows 10 1809 | < 10.0.17763.7792 | — |
| Microsoft | Windows 10 21h2 | < 10.0.19044.6332 | — |
| Microsoft | Windows 10 22h2 | < 10.0.19045.6332 | — |
| Microsoft | Windows 11 22h2 | < 10.0.22621.5909 | — |
| Microsoft | Windows 11 23h2 | < 10.0.22631.5909 | — |
| Microsoft | Windows 11 24h2 | < 10.0.26100.6508 | — |
| Microsoft | Windows Server 2008 | All versions | Sp2 |
| Microsoft | Windows Server 2008 | r2 | Sp1 |
| Microsoft | Windows Server 2012 | All versions | — |
| Microsoft | Windows Server 2012 | r2 | — |
| Microsoft | Windows Server 2016 | < 10.0.14393.8422 | — |
| Microsoft | Windows Server 2019 | < 10.0.17763.7792 | — |
| Microsoft | Windows Server 2022 | < 10.0.20348.4106 | — |
| Microsoft | Windows Server 2022 23h2 | < 10.0.25398.1849 | — |
| Microsoft | Windows Server 2025 | < 10.0.26100.6508 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2025-55234?
How severe is CVE-2025-55234?
How do I fix CVE-2025-55234?
Are you affected by CVE-2025-55234?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST