The vulnerability of the VSP Elevation function in the hardware virtualization technology of Windows Hyper-V operating systems allows attackers to elevate their privileges to the SYSTEM level.

The vulnerability of the VSP Elevation function in the hardware virtualization layer of Windows Hyper-V operating systems involves the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

Microsoft: Happy 2025. Here’s 161 Security Updates

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three "zero-day" weaknesses that are already under active attack. Redmond's inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since...

Patch Tuesday - January 2025

Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has...

Patch Tuesday - January 2025

Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has...

CVE-2025-21335

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

CVE-2025-21333

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

CVE-2025-21335

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

CVE-2025-21334 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CVE-2025-21334 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CVE-2025-21334

CVE-2025-21334 concerns Windows Hyper-V NT Kernel Integration VSP with a Use-After-Free vulnerability. The connected documents indicate this family (CVE-21333/21334/21335) involves host–VM communications, yields Elevation of Privilege on the host via local access, and is part of a trio with CVE-2...

CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CVE-2025-21333

CVE-2025-21333 is a local elevation-of-privilege vulnerability in Windows Hyper‑V NT Kernel Integration VSP. The issue is a heap-based buffer overflow in the VSP component, enabling a local attacker with Low privilege and no user interaction to gain SYSTEM rights on the host. Public materials in ...

CVE-2025-21335 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CVE-2025-21335

CVE-2025-21335 is part of the Windows Hyper-V NT Kernel Integration VSP elevation-of-privilege family. Connected sources confirm three related CVEs: CVE-2025-21333 (heap-based buffer overflow), CVE-2025-21334 (use-after-free), and CVE-2025-21335 (use-after-free). The vulnerability affects the hos...

CVE-2025-21335 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55591link is external Fortinet FortiOS Authorization Bypass Vulnerability CVE-2025-21333link is external Microsoft Windows Hyper-V NT Kernel Integration VSP...

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

...