CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploited Vulnerabilities catalog, presumably based on credible reports. About CVE-2025-33073 CVE-2025-33073 allows for privilege escalation, enabling attackers to gain SYSTEM (highest) privileges on a vulnerable Windows or Windows Server system. “To exploit this vulnerability, an attacker could execute a … More
The post CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) appeared first on Help Net Security.
