CVE-2025-24984 — Microsoft Windows NTFS Information Disclosure Vulnerability

Description

Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.

How to fix CVE-2025-24984

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2025-24984 being exploited?

Yes — CVE-2025-24984 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.