Skip to content

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

Posted by: GuidePoint Security

< 1 min read

October 21, 2025 – Published on Help Net Security

CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers.

The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploited Vulnerabilities catalog, presumably based on credible reports.

CVE-2025-33073 allows for privilege escalation, enabling attackers to gain SYSTEM (highest) privileges on a vulnerable Windows or Windows Server system.

When Microsoft released the fix, it said that the vulnerability was publicly disclosed but not actively exploited.

On the following day, the company attributed discovery of the flaw to a number of researchers, including GuidePoint Security’s Cameron Stish. Cameron also published technical details about the vulnerability.

Read more HERE.

Categories: Vulnerability Management & Penetration Testing
Tags:cybersecurityVulnerability Management

GuidePoint Security

The Birth and Death of “LoopyTicket” – Our Story on CVE-2025-33073
Sometimes the best discoveries happen when you’re not even looking for them. While RedTeam Pentesting and Synacktiv have already published […]
View Page

Related Articles

View All

  • Threat & Attack Simulation
The Birth and Death of “LoopyTicket” – Our Story on CVE-2025-33073
Posted by: Cameron Stish
Read More 8 min read
  • Vulnerability Management & Penetration Testing
Threat & Attack Simulation Practice Overview
Read More < 1 min read
  • Cybersecurity
Breach & Attack Simulation as a Service (BASaaS)
Read More < 1 min read