CVE-2025-29968

EUVD-2025-14469
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
microsoftCNA
6.5 MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_server_2008
-
microsoftwindows_server_2012
-
microsoftwindows_server_2016
𝑥
< 10.0.14393.8066
microsoftwindows_server_2019
𝑥
< 10.0.17763.7314
microsoftwindows_server_2022
𝑥
< 10.0.20348.3692
microsoftwindows_server_2022_23h2
𝑥
< 10.0.25398.1611
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows Server 2008
Service Pack 2 (x64, x86)
KB5058449
Service Pack 2 Server Core (x64, x86)
KB5058449
Windows Server 2008 R2
Service Pack 1 (x64)
KB5058454
Service Pack 1 Server Core (x64)
KB5058454
Windows Server 2012
Server Core
KB5058451
Standard
KB5058451
Windows Server 2012 R2
Server Core
KB5058403
Standard
KB5058403
Windows Server 2016
Server Core
KB5058383
Standard
KB5058383
Windows Server 2019
Server Core
KB5058392
Standard
KB5058392
Windows Server 2022
23H2 Server Core
KB5058384
Server Core
KB5058385
Standard
KB5058385
Standard
KB5058500
Common Weakness Enumeration
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29968