CVE-2025-29971

Web Threat Defense (WTD.sys) Denial of Service Vulnerability

CVSS 7.5 HIGHEPSS 57.7%CWE-125

In short

A flaw in Web Threat Defense allows an attacker to crash or freeze a system by sending specially crafted network traffic, disrupting service availability.

Technical detail

An out-of-bounds read vulnerability in WTD.sys kernel driver permits remote unauthenticated attackers to trigger a denial of service condition via malformed network packets, without requiring local access or privilege escalation.

Summary generated and translated by AI from the official description.

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

Affected products

Microsoft · Windows 11 version 22H2 Microsoft · Windows 11 version 22H3 Microsoft · Windows 11 Version 23H2 Microsoft · Windows 11 Version 24H2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29971