{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "10.0.10240.20947" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.10240.20947" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.14393.7876" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.14393.7876" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.17763.7009" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.17763.7009" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.22631.5039" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.26100.3476" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.26100.3476" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "r2" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.14393.7876" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.17763.7009" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.20348.3328" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.25398.1486" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.26100.3476" } ] } ] } } ], "details": "Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.", "id": "CVE-2025-24071", "modified": "2026-03-12T13:47:10.611810109Z", "published": "2025-03-11T17:16:29.867Z", "references": [ { "type": "ADVISORY", "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24071-spoofing-vulnerability-in-microsoft-windows-file-explorer-mitigation-script" }, { "type": "ADVISORY", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071" }, { "type": "EVIDENCE", "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24071-spoofing-vulnerability-in-microsoft-windows-file-explorer-detection-scrip" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }