{"id":39273,"date":"2025-12-10T13:44:31","date_gmt":"2025-12-10T18:44:31","guid":{"rendered":"https:\/\/www.yorku.ca\/uit\/?p=39273"},"modified":"2025-12-10T13:53:16","modified_gmt":"2025-12-10T18:53:16","slug":"powershell-remote-code-execution-cve-2025-54100","status":"publish","type":"post","link":"https:\/\/www.yorku.ca\/uit\/2025\/12\/powershell-remote-code-execution-cve-2025-54100\/","title":{"rendered":"PowerShell Remote Code Execution (CVE-2025-54100)"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<div class=\"WordSection1\">\n<p class=\"MsoNormal\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<div align=\"center\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"725\" style=\"width:544.0pt;background:#E0E0E0;border-collapse:collapse\">\n<tbody>\n<tr>\n<td style=\"border:solid windowtext 1.0pt;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\"><\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"600\" style=\"width:450.0pt;background:white;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" 
border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td style=\"padding:0cm 0cm 0cm 0cm\"><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:6.75pt 13.5pt 6.75pt 13.5pt\">\n<p class=\"MsoNormal\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><img loading=\"lazy\" decoding=\"async\" width=\"688\" height=\"100\" style=\"width:7.1666in;height:1.0416in\" id=\"Picture_x0020_2\" src=\"https:\/\/www.yorku.ca\/uit\/wp-content\/uploads\/sites\/805\/2025\/12\/image001-7.png\" alt=\"A picture containing text  Description automatically generated\"><\/span><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p><\/o:p><\/span><\/p>\n<p class=\"MsoNormal\" align=\"center\" style=\"text-align:center;page-break-after:avoid\">  <span style=\"font-family:\"IBM Plex Sans\",sans-serif;mso-fareast-language:EN-US\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<p class=\"MsoNormal\" align=\"center\" 
style=\"margin-bottom:12.0pt;text-align:center;line-height:105%\">  <b><span style=\"font-family:\"IBM Plex Sans\",sans-serif\">Service Advisory<\/span><\/b><span class=\"xxxxxxxxnormaltextrun\"><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><br \/>  Microsoft has released security updates to address a vulnerability in Windows PowerShell (CVE-2025-54100) that could allow local users to execute arbitrary code when using the Invoke-WebRequest cmdlet.<br \/>  <\/span><b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black\"><br \/>  Severity level<\/span><\/b><b><span style=\"font-size:11.0pt;font-family:\"IBM Plex Sans\",sans-serif;color:#242424\">:<br \/>  <\/span><\/b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black\">CVSS Score: 7.8\/high<br \/>  <b><br \/>  Description<\/b>:<br \/>  <span style=\"background:white\">CVE-2025-54100 is a command injection vulnerability in Windows PowerShell, specifically affecting the Invoke-WebRequest cmdlet. The flaw occurs because PowerShell automatically parses HTML content using the MSHTML engine, which   can inadvertently execute embedded scripts during parsing. This behavior allows attackers to craft malicious web content that, when processed by Invoke-WebRequest, could lead to unintended script execution. 
Exploitation requires local access and user interaction,   such as running a script that invokes Invoke-WebRequest on a malicious URL.<o:p><\/o:p><\/span><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black\">Affected Versions<span style=\"background:white\">:<br \/>  <\/span><\/span><\/b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\">All systems using Windows PowerShell 5.1 on vulnerable Windows versions.<\/p>\n<p>  Windows 10.<br \/>  Windows 11.<br \/>  Windows Server (2008 through 2025 editions).<br \/>  <b><br \/>  Impact:<br \/>  <\/b>Successful exploitation of this vulnerability may allow attackers to execute arbitrary code on the affected system.  
<\/p>\n<p>  After applying the patch, users will receive a security warning prompt before parsing any web content that could execute scripts.<br \/>  <\/span><b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black\"><br \/>  Resolution:<br \/>  <\/span><\/b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\">Please apply the latest security updates released by Microsoft.<br \/>  <\/span><b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black\"><br \/>  Reference:<\/span><\/b><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-54100\"><span style=\"color:black;text-decoration:none\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-54100<\/span><\/a><\/span><span style=\"font-family:\"IBM Plex Sans\",sans-serif;background:white\"><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-54100\"><span style=\"color:black;text-decoration:none\">https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-54100<\/span><\/a><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><a href=\"https:\/\/www.cyber.gc.ca\/en\/alerts-advisories\/microsoft-security-advisory-december-2025-monthly-rollup-av25-822\"><span style=\"color:black;text-decoration:none\">https:\/\/www.cyber.gc.ca\/en\/alerts-advisories\/microsoft-security-advisory-december-2025-monthly-rollup-av25-822<\/span><\/a><\/span><span style=\"font-family:\"IBM Plex 
Sans\",sans-serif;background:white\"><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><a href=\"https:\/\/thehackernews.com\/2025\/12\/microsoft-issues-security-fixes-for-56.html\"><span style=\"color:black;text-decoration:none\">https:\/\/thehackernews.com\/2025\/12\/microsoft-issues-security-fixes-for-56.html<\/span><\/a><\/span><span style=\"font-family:\"IBM Plex Sans\",sans-serif;background:white\"><o:p><\/o:p><\/span><\/p>\n<p class=\"elementtoproof\" style=\"background:white\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;background:white\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<p class=\"MsoNormal\" style=\"margin-bottom:12.0pt;line-height:105%\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\"><\/p>\n<p>  <\/span><span style=\"font-size:10.0pt;line-height:105%;font-family:\"IBM Plex Sans\",sans-serif;color:black;background:white\">UIT Information&nbsp;Security<\/span><span style=\"font-family:\"IBM Plex Sans\",sans-serif\">&nbsp;<o:p><\/o:p><\/span><\/p>\n<p class=\"MsoNormal\"><b><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><\/p>\n<p>  Contact <\/span><\/b><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p><\/o:p><\/span><\/p>\n<p class=\"MsoNormal\" style=\"page-break-after:avoid\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\">IT Client Services at  <a href=\"mailto:askIT@yorku.ca\">askIT@yorku.ca<\/a> or 416 736 5800 <span style=\"color:#548235\">  <o:p><\/o:p><\/span><\/span><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:6.75pt 13.5pt 6.75pt 13.5pt\">\n<p class=\"MsoNormal\"><span style=\"font-family:\"IBM Plex 
Sans\",sans-serif\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<p class=\"MsoNormal\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"600\" style=\"width:450.0pt;background:white;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\"><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 
0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"600\" style=\"width:450.0pt;background:#F2F2F2;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:0cm 0cm 0cm 0cm\">\n<table class=\"MsoNormalTable\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" style=\"width:100.0%;border-collapse:collapse\">\n<tbody>\n<tr>\n<td width=\"100%\" style=\"width:100.0%;padding:6.75pt 13.5pt 6.75pt 13.5pt\">\n<p class=\"MsoNormal\"><span style=\"font-size:10.0pt;font-family:\"IBM Plex Sans\",sans-serif\"><a href=\"https:\/\/www.yorku.ca\/about\/privacy-legal\/\" target=\"_blank\"><span lang=\"EN-US\">PRIVACY POLICY<\/span><\/a><\/span><span lang=\"EN-US\" style=\"font-size:10.0pt;font-family:\"IBM Plex Sans\",sans-serif\">&nbsp;|&nbsp;<\/span><span style=\"font-size:10.0pt;font-family:\"IBM Plex Sans\",sans-serif\"><a href=\"https:\/\/www.yorku.ca\" target=\"_blank\"><span lang=\"EN-US\">VISIT   WWW.YORKU.CA<\/span><\/a><span style=\"color:#505050\"><br \/>  This email was 
sent by: <b>York University, 4700 Keele Street, Toronto, Ontario M3J 1P3<\/b>  <\/span><o:p><\/o:p><\/span><\/p>\n<p class=\"MsoNormal\"><span style=\"font-size:10.0pt;font-family:\"IBM Plex Sans\",sans-serif;color:#505050\">This email is viewed best in Microsoft Outlook for web&nbsp;<\/span><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p><\/o:p><\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<p class=\"MsoNormal\"><span style=\"font-family:\"IBM Plex Sans\",sans-serif\"><o:p>&nbsp;<\/o:p><\/span><\/p>\n<p class=\"MsoNormal\"><span style=\"font-size:11.0pt\"><o:p>&nbsp;<\/o:p><\/span><\/p><\/div>\n<\/p><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; &nbsp; Service Advisory Microsoft has released security updates to address a vulnerability in Windows PowerShell (CVE-2025-54100) that could allow local users to execute arbitrary code when using the Invoke-WebRequest cmdlet. Severity level: CVSS Score: 7.8\/high Description: CVE-2025-54100 is a command injection vulnerability in Windows PowerShell, specifically affecting the Invoke-WebRequest cmdlet. 
The flaw occurs because [&hellip;]<\/p>\n","protected":false},"author":212,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","footnotes":""},"categories":[29],"tags":[],"class_list":["post-39273","post","type-post","status-publish","format-standard","hentry","category-news"],"taxonomy_info":{"category":[{"value":29,"label":"News"}]},"featured_image_src_large":false,"author_info":{"display_name":"aalaily","author_link":"https:\/\/www.yorku.ca\/uit\/author\/aalaily\/"},"comment_info":"","category_info":[{"term_id":29,"name":"News","slug":"news","term_group":0,"term_taxonomy_id":3,"taxonomy":"category","description":"","parent":0,"count":481,"filter":"raw","cat_ID":29,"category_count":481,"category_description":"","cat_name":"News","category_nicename":"news","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/posts\/39273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/users\/212"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/comments?post=39273"}],"version-history":[{"count":0,"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/posts\/39273\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/media?parent=39273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/categories?post=39273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yorku.ca\/uit\/wp-json\/wp\/v2\/tags?post=39273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","tem
plated":true}]}}