CVE-2025-32725: 
vulnerability analysis and mitigation

CVE-2025-32725 is a Denial of Service vulnerability affecting Windows DHCP Server that was discovered and disclosed on June 10, 2025, as part of Microsoft's June 2025 Patch Tuesday security updates. The vulnerability stems from a protection mechanism failure in Windows DHCP Server that allows unauthorized attackers to deny service over a network (Wiz, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. It is classified under CWE-693 (Protection Mechanism Failure). The technical assessment indicates that the vulnerability can be exploited over a network without requiring user privileges or interaction (NVD, Wiz).

The vulnerability affects the availability of the DHCP Server service, potentially leading to service disruption. As a denial of service vulnerability, successful exploitation could result in the DHCP server becoming unresponsive, affecting network connectivity and IP address assignment for clients (Wiz).

Microsoft has released a security update to address this vulnerability as part of the June 2025 Patch Tuesday. Organizations are advised to apply the security update as soon as possible to protect against potential exploitation. The patches are available for multiple versions of Windows Server, including Server 2016, 2019, 2022, and 2025 (Wiz, Rapid7).