CVE-2025-21300 is a vulnerability classified under CWE-400 (Uncontrolled Resource Consumption) that affects the Universal Plug and Play (UPnP) Device Host service in Microsoft Windows 10 Version 1507 (build 10.0.10240.0). UPnP is a protocol designed to allow devices on a network to discover each other and establish functional network services for data sharing and communications. The vulnerability allows an unauthenticated remote attacker to send specially crafted network packets to the UPnP Device Host service, causing it to consume excessive system resources such as CPU or memory. This resource exhaustion can lead to a denial of service (DoS) condition, rendering the affected system unresponsive or causing critical services to fail. The CVSS v3.1 base score of 7.5 reflects a high severity due to the network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact is limited to availability (A:H), with no confidentiality or integrity loss. The vulnerability affects only the initial release of Windows 10 (Version 1507), which is now obsolete and out of support. No patches or exploit code are currently publicly available, but the vulnerability is officially published and recognized by Microsoft. The lack of authentication and user interaction requirements increases the risk of remote exploitation, especially in network environments where UPnP is enabled and exposed.

For European organizations, the primary impact of CVE-2025-21300 is the potential for denial of service attacks against systems running Windows 10 Version 1507. This could disrupt business operations, particularly in environments where legacy systems remain in use due to compatibility or operational constraints. Critical infrastructure sectors such as energy, transportation, and healthcare could face service outages if vulnerable systems are targeted, impacting availability of essential services. Enterprises with large Windows 10 deployments that have not upgraded beyond the initial release may experience network disruptions or degraded performance. Since the vulnerability requires no authentication and no user interaction, attackers could automate attacks to cause widespread outages. Although no known exploits are currently active, the vulnerability's characteristics make it a candidate for future exploitation, especially in targeted attacks against organizations with legacy systems. The impact is mitigated if organizations have already upgraded to supported Windows versions or disabled UPnP services.

1. Upgrade all Windows 10 systems to a supported and fully patched version beyond Version 1507, as this initial release is no longer supported and contains multiple vulnerabilities. 2. Disable the Universal Plug and Play (UPnP) Device Host service on systems where it is not required, especially on network-facing devices, to reduce the attack surface. 3. Implement network segmentation and firewall rules to restrict access to UPnP services, allowing only trusted internal devices to communicate with UPnP hosts. 4. Monitor network traffic for unusual UPnP requests or spikes in resource usage that could indicate exploitation attempts. 5. Employ endpoint detection and response (EDR) solutions capable of identifying anomalous behavior related to resource exhaustion. 6. Educate IT staff about the risks of running unsupported Windows versions and the importance of timely patching and upgrades. 7. For critical infrastructure operators, conduct regular vulnerability assessments and penetration tests focusing on legacy systems and network protocols like UPnP.