Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Microsoft Windows Storage Link Following Vulnerability

Known Exploited Vulnerabilities CVE-2025-21391

Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2025-21391	Microsoft Windows Storage Link Following Vulnerability	exploitation_technique	T1068	Exploitation for Privilege Escalation	Comments Exploiting this link-following vulnerability can lead to privilege escalation, with the primary result being deletion of system data. As a consequence of this, deletion of certain files could also make the recovery process more difficult. References https://silentbreach.com/BlogArticles/cve-2025-21391-elevation-of-privilege-in-windows-storage/
CVE-2025-21391	Microsoft Windows Storage Link Following Vulnerability	primary_impact	T1485	Data Destruction	Comments Exploiting this link-following vulnerability can lead to privilege escalation, with the primary result being deletion of system data. As a consequence of this, deletion of certain files could also make the recovery process more difficult. References https://silentbreach.com/BlogArticles/cve-2025-21391-elevation-of-privilege-in-windows-storage/
CVE-2025-21391	Microsoft Windows Storage Link Following Vulnerability	primary_impact	T1490	Inhibit System Recovery	Comments Exploiting this link-following vulnerability can lead to privilege escalation, with the primary result being deletion of system data. As a consequence of this, deletion of certain files could also make the recovery process more difficult. References https://silentbreach.com/BlogArticles/cve-2025-21391-elevation-of-privilege-in-windows-storage/