ID:11640 - Exploit for Link following in Windows Server and Windows - CVE-2025-21420

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11640 - Exploit for Link following in Windows Server and Windows - CVE-2025-21420

ID:11640 - Exploit for Link following in Windows Server and Windows - CVE-2025-21420

Published: June 13, 2025


Vulnerability identifier: #VU103821
Vulnerability risk: Low
CVE-ID: CVE-2025-21420
CWE-ID: CWE-59
Exploitation vector: Local access
Vulnerable software:
Windows Server
Windows

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure link following in Windows Disk Cleanup Tool. A local user can gain elevated privileges on the target system.


Remediation

Install updates from vendor's website.