Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-24991 | Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability | exploitation_technique | T1091 | Replication Through Removable Media |
Comments
This vulnerability is facilitated by the insertion of information into log files, which could lead to the disclosure of said sensitive information through an attack. In order to exploit this vulnerability, an attacker needs physical access to the system, such as the ability to mount an external drive.
References
|
| CVE-2025-24991 | Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability | primary_impact | T1005 | Data from Local System |
Comments
This vulnerability is facilitated by the insertion of information into log files, which could lead to the disclosure of said sensitive information through an attack. In order to exploit this vulnerability, an attacker needs physical access to the system, such as the ability to mount an external drive.
References
|