🟒 CVE-2025-24984

Windows NTFS information disclosure vulnerability that allows unauthorized attackers to access sensitive information from log files through physical access to affected systems. Despite being in CISA KEV, this requires physical access and cannot be exploited remotely over the internet.

← Back to Overview
LOW_RISK
Risk Level
4.6
CVSS Score
PHYSICAL
Attack Vector
Collection
ATT&CK Tactic
T1005 β€” Data from Local System
ATT&CK Technique
VERY_LOW
Deployment Risk
No
Ransomware

πŸ“‹ Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: OTHER

CVE Published: 2025-03-11

Added to CISA KEV: 2025-03-11 0 DAY BETWEEN CVE AND KEV

🎯 Recommendations:

πŸ” Web Intelligence (Kagi Β· 2026-06-04)

CVE-2025-24984 is a vulnerability in Windows NTFS that allows an unauthorized attacker to disclose sensitive information via a physical attack [1].

Below is a summary of the available information regarding this vulnerability:

Vulnerability Overview
  • Description: The vulnerability involves the insertion of sensitive information into a log file within Windows NTFS [1].
  • Impact: Successful exploitation allows an unauthorized attacker to disclose sensitive information [1].
  • Exploitation Requirements: The attack is characterized as a physical attack, meaning it requires physical access to the target system [1].
Exploitation and Threat Landscape
  • Active Exploitation: CVE-2025-24984 has been added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog, which indicates that it has been actively exploited in the wild [2].
  • Threat Actor Usage & Campaigns: While its inclusion in the CISA KEV catalog confirms active exploitation, specific details regarding the threat actors involved or its use in specific ransomware or targeted campaigns are not publicly detailed in standard vulnerability databases [2].
  • Proof-of-Concept: There is no widely available information regarding public proof-of-concept (PoC) code or specific exploit tools for this vulnerability [2].
Mitigation and Status
  • Patch Status: Microsoft has released security updates to address this vulnerability. Users are strongly advised to apply the relevant patches provided by Microsoft to mitigate the risk of exploitation [1] [2].
  • Affected Versions: For specific details on affected Windows versions and the corresponding security updates, please refer to the official [Microsoft Security Update Guide](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-24984) [3].

Sources

  1. CVE-2025-24984 Detail - NVD

    Description. Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. ... An official website of the United States government Here's how you know ... CVE-2025-24984 Detail. Description. Insertion of sensitive inf…

  2. CVE-2025-24984 - Exploits & Severity - Feedly

    CVE-2025-24984 is a Windows NTFS Information Disclosure Vulnerability that has been added to CISA's Known Exploited Vulnerabilities Catalog, highlighting its criticality. Users are urged to apply patches before April 1, 2025, to mitigate potential exploitation. No additional details regarding CVSS s…

  3. Security Update Guide - Microsoft Security Response Center

Generated by PatchNow Intelligence System

Analysis based on CIRCL.LU data, Claude AI assessment, and MITRE ATT&CK framework

πŸ“„ Download JSON Data | πŸ“‘ RSS Feed