CVE-2025-21311 is a flaw in NTLMv1 authentication that allows privilege escalation to SYSTEM. Disable NTLMv1 across the domain via Group Policy and apply the January 2025 patches. The flaw is particularly dangerous in environments with legacy systems that still negotiate NTLMv1.
Windows NTLM V1 Elevation of Privilege Vulnerability: an attacker who successfully exploits this vulnerability can gain SYSTEM privileges.
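To find the legacy systems that still negotiate NTLMv1 before enforcing the policy, the following added PowerShell example (not part of the original advisory) reports a host's `LmCompatibilityLevel` and summarizes recent NTLMv1 logons recorded in the Security log. It assumes an elevated session and that logon auditing (event ID 4624) is enabled; the 1000-event cap is an arbitrary choice.

```powershell
# Added example: audit one host for NTLMv1 exposure (run elevated).
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# LmCompatibilityLevel is the registry value behind the Group Policy setting
# "Network security: LAN Manager authentication level".
$lsa   = Get-ItemProperty -Path $lsaKey -Name LmCompatibilityLevel -ErrorAction SilentlyContinue
$level = $lsa.LmCompatibilityLevel

if ($null -eq $level) {
    Write-Output 'LmCompatibilityLevel is not set; the OS default applies.'
} else {
    [pscustomobject]@{
        LmCompatibilityLevel = $level
        SendsNtlmV1          = $level -lt 3   # levels 0-2 still send LM/NTLMv1 responses
        AcceptsNtlmV1        = $level -lt 5   # only level 5 refuses LM and NTLMv1
    }
}

# Successful logons (4624) record the negotiated NTLM version in LmPackageName.
# Filtering in XPath keeps the query on the event log service side.
$xpath  = "*[System[EventID=4624] and EventData[Data[@Name='LmPackageName']='NTLM V1']]"
$events = Get-WinEvent -LogName Security -FilterXPath $xpath -MaxEvents 1000 -ErrorAction SilentlyContinue

$logons = foreach ($e in $events) {
    # Flatten the named <Data> elements of the event into a lookup table.
    $fields = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $fields[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time        = $e.TimeCreated
        Account     = '{0}\{1}' -f $fields['TargetDomainName'], $fields['TargetUserName']
        Workstation = $fields['WorkstationName']
        SourceIp    = $fields['IpAddress']
    }
}

# One row per client/account pair that still authenticates with NTLMv1,
# most frequent first: these are the systems to fix before enforcing the policy.
$logons |
    Group-Object Workstation, SourceIp, Account |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```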