CVE-2025-21300

Q: What is the severity of CVE-2025-21300?

CVE-2025-21300 has a CVSS score of 7.5 (HIGH). This vulnerability in Windows Universal Plug and Play (UPnP) Device Host service allows attackers to cause a denial of service by sending specially crafted requests. It affects Windows systems with UPnP enabled, potentially causing service crashes or system instability. Organizations using Windows devices with UPnP functionality are at risk.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in Windows Universal Plug and Play (UPnP) Device Host service allows attackers to cause a denial of service by sending specially crafted requests. It affects Windows systems with UPnP enabled, potentially causing service crashes or system instability. Organizations using Windows devices with UPnP functionality are at risk.

💻 Affected Systems

Products:

Windows Universal Plug and Play (UPnP) Device Host

Versions: Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Systems with UPnP service enabled are vulnerable. UPnP may be enabled by default on some Windows configurations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or persistent denial of service requiring reboot, potentially affecting multiple systems in a network environment.

🟠

Likely Case

UPnP service crash causing temporary loss of device discovery and control functionality until service restart.

🟢

If Mitigated

Minimal impact with proper network segmentation and UPnP disabled on internet-facing systems.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to the UPnP service. No authentication is required to trigger the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Microsoft Security Update Guide for specific KB numbers

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21300

Restart Required: Yes

Instructions:

1. Apply latest Windows security updates from Microsoft Update. 2. Restart affected systems. 3. Verify UPnP service is running properly after restart.

🔧 Temporary Workarounds

Disable UPnP Service

windows

Disable the UPnP Device Host service to prevent exploitation

sc config upnphost start= disabled
sc stop upnphost

Block UPnP Network Traffic

all

Block UPnP traffic at network perimeter

🧯 If You Can't Patch

Disable UPnP service on all affected systems
Implement network segmentation to isolate UPnP traffic

🔍 How to Verify

Check if Vulnerable:

Check if UPnP service is running and system has not applied the security patch

Check Version:

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Verify Fix Applied:

Verify Windows Update history shows the security patch applied and UPnP service is running without issues

📡 Detection & Monitoring

Log Indicators:

UPnP service crash events in Windows Event Log
System instability or reboot events

Network Indicators:

Unusual UPnP traffic patterns
Multiple UPnP requests from single sources

SIEM Query:

EventID=7034 AND ServiceName="UPnP Device Host" OR EventID=1000 AND Source="UPnP"

📊 Metadata

CVE ID: CVE-2025-21300

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-400

EPSS Score: 3.32% exploit probability (87th percentile)

Published: January 14, 2025

Last Updated: February 13, 2026

🔗 References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21300 Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Windows 10 1507 by Microsoft

Windows 10 1507 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 11 22h2 by Microsoft

Windows 11 23h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows Server 2008 by Microsoft