Windows SMB Flaw Lets Hackers Hijack System Privileges

A critical Windows SMB vulnerability tracked as CVE-2025-33073 has been exploited in the wild using a technique known as Reflective Kerberos Relay Attack. Microsoft addressed the flaw during its June 2025 Patch Tuesday updates, assigning it a CVSS score of 9.8 due to the high risk of privilege escalation and low exploitation complexity.

The Reflective Kerberos Relay Attack bypasses long-standing NTLM reflection protections by coercing a Windows host to authenticate via SMB using its computer account credentials. Researchers leveraged a technique that decouples the coercion target and Service Principal Name, enabling Kerberos tickets to be issued for alternate hosts.

Attackers can gain NT AUTHORITY\SYSTEM privileges by relaying tickets locally, exploiting Windows’ authentication safeguards. The vulnerability affects Windows 10, 11 (pre-24H2), and Server 2019–2025.

To mitigate the Windows SMB vulnerability, Microsoft recommends enabling SMB signing, Channel Binding, and EPA.

Read the full report at: https://cybersecuritynews.com/windows-smb-client-zero-day-vulnerability/