Impact
The flaw is a null pointer dereference in the Lightweight Directory Access Protocol component of Windows Server. When an LDAP request is processed incorrectly, the flaw causes the LDAP service to crash, resulting in a denial of service. Because the vulnerability requires no authentication or special privileges, any remote actor able to send LDAP traffic to the target can trigger the crash and temporarily render the directory service unavailable.
Affected Systems
The vulnerability affects Microsoft Windows Server 2019, Windows Server 2019 Server Core, Windows Server 2022, Windows Server 2022 Server Core, Windows Server 2022 23H2, Windows Server 2025, and Windows Server 2025 Server Core installations.
Risk and Exploitability
The CVSS score of 7.5 indicates a high severity impact. The EPSS score of 1% suggests exploitation is low but not negligible. The flaw is not listed in CISA’s KEV catalog, meaning no confirmed widespread exploitation at this time. Attackers can exploit it remotely over LDAP traffic without authentication, so any host that accepts LDAP requests from an adversary could experience service interruption. While no specific payload format is detailed, the lack of authentication and the presence of a null pointer dereference imply that a crafted LDAP request can trigger the crash irrespective of the target’s role or configuration.
OpenCVE Enrichment