← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-24984 — Actively Exploited: Windows (Microsoft)

Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.

CVE IDCVE-2025-24984
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows NTFS Information Disclosure Vulnerability
Date added2025-03-11
Remediation due2025-04-01
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →