OnlyFm252
Microsoft Surface

CVE-2025-21194 — Microsoft Surface Security Feature Bypass Vulnerability

Important CVSS 7.1 EPSS 0.00823 📢 Publicly disclosed 2025-02 archive

Executive Summary

None

Overview

7.1
CVSS HIGH
Important
MS Severity
Not Exploited
MS Exploit Status
Less Likely
MS Exploit Likelihood
Category Security Feature Bypass
Released Feb 11 2025
Last Updated Feb 11 2025
Publicly Disclosed Yes
CISA KEV Not Listed
Known Exploits None Known
EPSS Score 0.00823 — 0.52526 percentile

CVSS Vector

ATTACK VECTOR
Adjacent
ATTACK COMPLEXITY
High
PRIVILEGES REQUIRED
None
USER INTERACTION
Required
SCOPE
Unchanged
Temporal Score: 6.2

EPSS Score

0.00823
probability of exploitation in the next 30 days
0.52526 percentile - updated 2026-06-20
View on FIRST.org

Affected Products

15 affected products
Product KB Article Severity Impact Restart Required
Microsoft Surface Go 2 Important Security Feature Bypass Unknown
Microsoft Surface Go 3 Important Security Feature Bypass Unknown
Microsoft Surface Hub Important Security Feature Bypass Unknown
Microsoft Surface Hub 2S Important Security Feature Bypass Unknown
Microsoft Surface Hub 3 Important Security Feature Bypass Unknown
Microsoft Surface Laptop Go Important Security Feature Bypass Unknown
Microsoft Surface Laptop Go 2 Important Security Feature Bypass Unknown
Microsoft Surface Laptop Go 3 Important Security Feature Bypass Unknown
Microsoft Surface Pro 7+ Important Security Feature Bypass Unknown
Microsoft Surface Pro 8 Important Security Feature Bypass Unknown
Microsoft Surface Pro 9 ARM Important Security Feature Bypass Unknown
Surface Laptop 3 with Intel Processor Important Security Feature Bypass Unknown
Surface Laptop 4 with AMD Processor Important Security Feature Bypass Unknown
Surface Laptop 4 with Intel Processor Important Security Feature Bypass Unknown
Surface Windows Dev Kit Important Security Feature Bypass Unknown

Patches

1 patch
Article Type Restart
Unknown

Known Exploits

Acknowledgments

Quarkslab

On This Page