⚠ Actively exploited
Added to CISA KEV on 2025-10-20. Federal agencies required to patch by 2025-11-10. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2025-33073Improper Access Control in Microsoft Windows 10 Version 1507

CWE-284Improper Access Control13 documents10 sources
Severity
8.8HIGHNVD
EPSS
42.0%
top 2.56%
CISA KEV
KEV
Added 2025-10-20
Due 2025-11-10
Exploit
PoC available
Public exploit / PoC exists
Affected products
27
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+24 more
Timeline
PublishedJun 10
KEV addedOct 20
KEV dueNov 10
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages26 packages

NVDmicrosoft/windows< 10.0.14393.8148+5
NVDmicrosoft/windows_10_1507< 10.0.10240.21034
NVDmicrosoft/windows_10_1607< 10.0.14393.8148
NVDmicrosoft/windows_10_1809< 10.0.17763.7434
NVDmicrosoft/windows_10_21h2< 10.0.19044.5965

🔴Vulnerability Details

3
CVEList
Windows SMB Client Elevation of Privilege Vulnerability2025-06-10
GHSA
GHSA-cfjg-2jr6-cgph: Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network2025-06-10
VulnCheck
Microsoft Windows SMB Client Improper Access Control Vulnerability2025

💥Exploits & PoCs

1
Exploit-DB
Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)2025-06-15

🔍Detection Rules

4
Sigma
Suspicious DNS Query Indicating Kerberos Coercion via DNS Object SPN Spoofing
Sigma
Suspicious DNS Query Indicating Kerberos Coercion via DNS Object SPN Spoofing - Network
Sigma
Attempts of Kerberos Coercion Via DNS SPN Spoofing
Sigma
Potential Kerberos Coercion by Spoofing SPNs via DNS Manipulation

📋Vendor Advisories

2
CISA
Microsoft Windows SMB Client Improper Access Control Vulnerability2025-10-20
Microsoft
Windows SMB Client Elevation of Privilege Vulnerability2025-06-10
CVE-2025-33073 — Improper Access Control in Microsoft | cvebase