Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
References
| Link | Resource |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073 | Vendor Advisory |
| https://www.vicarius.io/vsociety/posts/cve-2025-33073-detection-script-improper-access-control-in-windows-smb-affects-microsoft-products | Third Party Advisory |
| https://www.vicarius.io/vsociety/posts/cve-2025-33073-mitigation-script-improper-access-control-in-windows-smb-affects-microsoft-products | Mitigation Third Party Advisory |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-33073 | US Government Resource |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2025-06-10 17:23
Updated : 2025-10-27 17:12
NVD link : CVE-2025-33073
Mitre link : CVE-2025-33073
CVE.ORG link : CVE-2025-33073
JSON object : View
Products Affected
microsoft
- windows_server_2019
- windows_10_22h2
- windows_server_2022
- windows_10_1507
- windows_11_23h2
- windows_11_24h2
- windows_server_2008
- windows_10_1607
- windows_server_2016
- windows_server_2012
- windows_10_1809
- windows_11_22h2
- windows_server_2022_23h2
- windows_server_2025
- windows_10_21h2
CWE
CWE-284
Improper Access Control