{"id":9080,"date":"2025-12-10T10:03:41","date_gmt":"2025-12-10T10:03:41","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/12\/10\/windows-powershell-0-day-vulnerability-let-attackers-execute-malicious-code\/"},"modified":"2025-12-10T10:03:41","modified_gmt":"2025-12-10T10:03:41","slug":"windows-powershell-0-day-vulnerability-let-attackers-execute-malicious-code","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/12\/10\/windows-powershell-0-day-vulnerability-let-attackers-execute-malicious-code\/","title":{"rendered":"Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code"},"content":{"rendered":"

Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Security update addressing a dangerous Windows PowerShell<\/a> vulnerability that allows attackers to execute malicious code on affected systems.<\/p>\n

The vulnerability, tracked as CVE-2025-54100, was publicly disclosed on December 9, 2025, and represents a significant security risk for organizations worldwide.<\/p>\n

The flaw stems from improper neutralization of special elements in Windows PowerShell during command injection<\/a> attacks.<\/p>\n

The vulnerability enables unauthorized attackers to execute arbitrary code locally through specially crafted commands.<\/p>\n

Windows PowerShell 0-Day Vulnerability<\/strong><\/h2>\n

According to Microsoft\u2019s assessment, exploitation is currently considered less likely in real-world scenarios. However, the vulnerability has already been publicly disclosed.<\/p>\n

The attack requires local access and user interaction, meaning attackers typically need to convince users to open malicious files<\/a> or execute suspicious commands.<\/p>\n

\n\n\n\n\n\n\n\n\n\n
Details<\/strong><\/th>\nInformation<\/strong><\/th>\n<\/tr>\n<\/thead>\n
CVE Identifier<\/strong><\/td>\nCVE-2025-54100<\/a><\/td>\n<\/tr>\n
Attack Vector<\/strong><\/td>\nLocal<\/td>\n<\/tr>\n
CVSS Score<\/strong><\/td>\n7.8<\/td>\n<\/tr>\n
Impact Type<\/strong><\/td>\nRemote Code Execution<\/td>\n<\/tr>\n
Affected Component<\/strong><\/td>\nWindows PowerShell<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

The vulnerability has a CVSS severity score of 7.8 and is classified as Important by Microsoft.<\/p>\n

The weakness is categorized under CWE-77<\/a>, which involves improper neutralization of special elements used in command injection attacks.<\/p>\n

The vulnerability impacts a wide range of Windows operating systems, including Windows 10, Windows 11, Windows Server 2008 through 2025, and various system configurations.<\/p>\n

Microsoft has released<\/a> security updates across multiple platforms, with patch versions varying on operating system and installation type.<\/p>\n

Organizations using Windows Server 2025, Windows 11<\/a> versions 24H2 and 25H2, and Windows Server 2022 should prioritize patching using KB5072033 or KB5074204.<\/p>\n

Users running Windows 10 and earlier versions require separate updates, such as KB5071546 or KB5071544.<\/p>\n

System administrators should note that security updates for most affected systems require a system reboot after installation.<\/p>\n

Users installing security updates KB5074204 or KB5074353 will receive a security warning when using the Invoke-WebRequest command.<\/p>\n

Microsoft recommends using the UseBasicParsing switch to prevent script code execution from web content.<\/p>\n

Additionally, organizations should implement the guidance in KB5074596 regarding PowerShell 5.1 security measures to mitigate script execution risks.<\/p>\n

The acknowledgment reflects the collaborative effort between Microsoft and the security community in protecting Windows users from emerging threats<\/a>.<\/p>\n

The post Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Abinaya
\n \t

\n
<\/BR>
\nGo to cyber-security-news<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code Security update addressing a dangerous Windows PowerShell vulnerability that allows attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-54100, was publicly disclosed on December 9, 2025, and represents a significant security risk for organizations worldwide. The flaw stems from improper neutralization of […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648,395,517],"tags":[130],"class_list":["post-9080","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","category-windows","category-zero-day","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9080"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=9080"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9080\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=9080"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=9080"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=9080"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}