CVE-2025-21352: 
vulnerability analysis and mitigation

A Denial of Service vulnerability has been identified in Microsoft Windows' Internet Connection Sharing (ICS) component. The vulnerability was assigned CVE-2025-21352 and was disclosed on December 11, 2024 (CVE Mitre).

The vulnerability has been classified as a Denial of Service (DoS) issue affecting the Internet Connection Sharing (ICS) component in Microsoft Windows. Based on the available information, it has received a CVSS severity score of 6.0, indicating a medium severity level with attack vector being adjacent network (AV:A), low attack complexity (AC:L), no authentication required (Au:N), and potential for complete availability impact (A:C) (Rapid7).

The vulnerability can result in a Denial of Service condition in the Internet Connection Sharing (ICS) service, potentially disrupting network connectivity for systems utilizing this feature (CVE Mitre).

Microsoft has released security updates to address this vulnerability across multiple Windows versions including Windows 10, Windows 11, and various Windows Server versions. The fixes are available through security updates KB5051974, KB5051979, KB5051980, KB5051987, KB5051989, KB5052000, KB5052006, KB5052020, KB5052040, and KB5052042 (Rapid7).