Exposed Dangerous Method or Function

CVE-2025-26651

Medium

6.5/10

Summary

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-749 - Exposed Dangerous Method or Function

The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

References

Advisory Timeline

Published Apr 08, 2025

Exposed Dangerous Method or Function

CVE-2025-26651

Summary

CWE-749 - Exposed Dangerous Method or Function

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS