| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-24054 | Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability | exploitation_technique | T1566 | Phishing |
Comments
Using a crafted .library-ms file, attackers can exploit this spoofing vulnerability to gain access to NTLM hashes on the system. This was officially patched by Microsoft on March 11, 2025, but has been exploited in the wild as of March 19, 2025.
References
|
| CVE-2025-24054 | Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability | primary_impact | T1555 | Credentials from Password Stores |
Comments
Using a crafted .library-ms file, attackers can exploit this spoofing vulnerability to gain access to NTLM hashes on the system. This was officially patched by Microsoft on March 11, 2025, but has been exploited in the wild as of March 19, 2025.
References
|