CVE-2025-33070Use of Uninitialized Resource in Microsoft Windows 10 Version 1507

CWE-908Use of Uninitialized Resource5 documents4 sources
Severity
8.1HIGHNVD
EPSS
0.9%
top 23.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
26
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+23 more
Timeline
PublishedJun 10

Description

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages25 packages

NVDmicrosoft/windows< 10.0.14393.8148+5
NVDmicrosoft/windows_10_1507< 10.0.10240.21034
NVDmicrosoft/windows_10_1607< 10.0.14393.8148
NVDmicrosoft/windows_10_1809< 10.0.17763.7434
NVDmicrosoft/windows_10_21h2< 10.0.19044.5965

🔴Vulnerability Details

2
GHSA
GHSA-c5jx-h8px-jrgh: Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network2025-06-10
CVEList
Windows Netlogon Elevation of Privilege Vulnerability2025-06-10

📋Vendor Advisories

2
Microsoft
Windows Netlogon Elevation of Privilege Vulnerability2025-06-10
Microsoft
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Ser2022-06-14
CVE-2025-33070 — Use of Uninitialized Resource | cvebase