CVE-2025-29974

Q: What is the severity of CVE-2025-29974?

CVE-2025-29974 has a CVSS score of 5.7 (MEDIUM). An integer underflow vulnerability in the Windows Kernel allows attackers on adjacent networks to read kernel memory and potentially disclose sensitive information. This affects Windows systems with vulnerable kernel versions. Attackers must be on the same local network segment as the target.

5.7 MEDIUM

📋 TL;DR

An integer underflow vulnerability in the Windows Kernel allows attackers on adjacent networks to read kernel memory and potentially disclose sensitive information. This affects Windows systems with vulnerable kernel versions. Attackers must be on the same local network segment as the target.

💻 Affected Systems

Products:

Windows

Versions: Specific versions not yet detailed in public advisory

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: All Windows systems with vulnerable kernel versions are affected. Requires adjacent network access for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory disclosure could reveal sensitive data like passwords, encryption keys, or system information that could facilitate further attacks.

🟠

Likely Case

Information disclosure of kernel memory contents, potentially revealing system details or partial data that could aid in other attacks.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing adjacent network access.

🌐 Internet-Facing: LOW - Requires adjacent network access, not directly exploitable from the internet.

🏢 Internal Only: MEDIUM - Could be exploited by attackers who gain access to internal networks or through compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires adjacent network access and knowledge of vulnerable kernel structures. No public exploit code known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Microsoft Security Update Guide for specific patch versions

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29974

Restart Required: Yes

Instructions:

1. Check Microsoft Security Update Guide for affected versions. 2. Apply the latest Windows security updates through Windows Update. 3. Restart the system as required.

🔧 Temporary Workarounds

Network Segmentation

all

Implement strict network segmentation to limit adjacent network access to critical systems.

Firewall Rules

all

Configure firewalls to restrict unnecessary network traffic between systems on the same segment.

🧯 If You Can't Patch

Implement strict network segmentation and access controls
Monitor for suspicious network activity and kernel memory access attempts

🔍 How to Verify

Check if Vulnerable:

Check Windows version and compare against Microsoft's affected versions list in the advisory.

Check Version:

wmic os get version

Verify Fix Applied:

Verify Windows Update history shows the security patch has been applied and system is running patched kernel version.

📡 Detection & Monitoring

Log Indicators:

Unusual kernel memory access patterns
Network traffic from unexpected adjacent systems

Network Indicators:

Suspicious network packets targeting kernel interfaces from adjacent systems

SIEM Query:

EventID=4688 OR EventID=4657 with process names indicating kernel access from network sources

📊 Metadata

CVE ID: CVE-2025-29974

CVSS v3 Score: 5.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-125

EPSS Score: 0.31% exploit probability (53.7th percentile)

Published: May 13, 2025

Last Updated: May 19, 2025

🔗 References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29974 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Windows 10 1507 by Microsoft

Windows 10 1507 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1607 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 1809 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 21h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 10 22h2 by Microsoft

Windows 11 22h2 by Microsoft

Windows 11 22h2 by Microsoft

Windows 11 23h2 by Microsoft

Windows 11 23h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows 11 24h2 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2008 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2012 by Microsoft

Windows Server 2016 by Microsoft

Windows Server 2019 by Microsoft

Windows Server 2022 by Microsoft

Windows Server 2022 23h2 by Microsoft

Windows Server 2025 by Microsoft

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Firewall Rules

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities