NVD - CVE-2025-21204

Vulnerability Change Records for CVE-2025-21204

Change History

Initial Analysis by NIST 7/09/2025 12:41:26 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64: cpe:2.3:o:microsoft:windows_server_2012:r2::::::: cpe:2.3:o:microsoft:windows_server_2012:-::::::: cpe:2.3:o:microsoft:windows_server_2008:-:sp2:::::x64: cpe:2.3:o:microsoft:windows_server_2008:-:sp2:::::x86: cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::* versions up to (excluding) 10.0.25398.1551 cpe:2.3:o:microsoft:windows_10_1809:::::::x64: versions up to (excluding) 10.0.17763.7136 cpe:2.3:o:microsoft:windows_10_1809:::::::x86: versions up to (excluding) 10.0.17763.7136 cpe:2.3:o:microsoft:windows_10_1607:::::::x64: versions up to (excluding) 10.0.14393.7969 cpe:2.3:o:microsoft:windows_10_1607:::::::x86: versions up to (excluding) 10.0.14393.7969 cpe:2.3:o:microsoft:windows_server_2022::::::::* versions up to (excluding) 10.0.20348.3453 cpe:2.3:o:microsoft:windows_server_2016::::::::* versions up to (excluding) 10.0.14393.7969 cpe:2.3:o:microsoft:windows_server_2019::::::::* versions up to (excluding) 10.0.17763.7136 cpe:2.3:o:microsoft:windows_10_21h2::::::::* versions up to (excluding) 10.0.19044.5737 cpe:2.3:o:microsoft:windows_10_22h2::::::::* versions up to (excluding) 10.0.19045.5737 cpe:2.3:o:microsoft:windows_11_22h2::::::::* versions up to (excluding) 10.0.22621.5189 cpe:2.3:o:microsoft:windows_10_1507:::::::x64: versions up to (excluding) 10.0.10240.20978 cpe:2.3:o:microsoft:windows_10_1507:::::::x86: versions up to (excluding) 10.0.10240.20978 cpe:2.3:o:microsoft:windows_11_23h2::::::::* versions up to (excluding) 10.0.22631.5189 cpe:2.3:o:microsoft:windows_11_24h2::::::::* versions up to (excluding) 10.0.26100.3775 cpe:2.3:o:microsoft:windows_server_2025::::::::* versions up to (excluding) 10.0.26100.3775
Added	Reference Type		CVE: https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-detection-script Types: Tool Signature
Added	Reference Type		CVE: https://www.vicarius.io/vsociety/posts/cve-2025-21204-privilege-elevation-vulnerability-in-microsoft-windows-update-stack-mitigation-script Types: Mitigation
Added	Reference Type		Microsoft Corporation: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204 Types: Vendor Advisory