CVE-2025-24054CISA KEV: Actively Exploited

Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability

Published Apr 17, 2025·Updated Apr 17, 2025

Description

Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.

Public Exploits & PoCs11 found

PoC: CVE-2025-24054-PoC

Proof of Concept for the NTLM Hash Leak via .library-ms CVE-2025-24054

3

[POC] GHSA-3mgp-fx93-9xv5 — cve-2025-24054

POC for CVE-2025-24054

[POC] GHSA-2j8v-hwgc-x698 — cve-2025-24054-lab

Blue-team lab: detecting & mitigating CVE-2025-24054 (Windows NTLM hash disclosure) with Sysmon, Wazuh SIEM, and Group Policy

PoC: CVE-2025-24054-24071---Metasploit-Module

Módulo de Metasploit para explotar CVE-2025-24054 (ex 24071). Exploit de filtración NTLM integrado en Metasploit para vectores de ataque basados en bibliotecas de Windows.

PoC: CVE-2025-24054_CVE-2025-24071-PoC

CVE-2025-24054 And CVE-2025-24071-PoC

PoC: CVE-2025-24054

Windows File Explorer Zero Click NTLMv2-SSP Hash Disclosure

PoC: CVE-2025-24054_PoC

A proof of concept for CVE-2025-24054/CVE-2025-24071

PoC: CVE-2025-24054_POC

CVE 2025 24054

PoC: CVE-2025-24054

Vulnerabilidad NTLM (CVE-2025-24054) explotada para robo de hashes

PoC: CVE-2025-24054_PoC

PoC - CVE-2025-24071 / CVE-2025-24054, NTMLv2 hash'leri alınabilen bir vulnerability

PoC: CVE-2025-24054_CVE-2025-24071-PoC

🛠️ Exploit NTLM hash leaks via `.library-ms` files on unpatched Windows systems for research with this proof of concept and setup instructions.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free