CVE-2025-33073

⚠ KEVEPSS 37.2%

Microsoft Windows SMB Client Improper Access Control Vulnerability

Added to CISA KEV: 10/20/2025

Description

Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.

Affected packages (0)

No package mapping in OSV.