Overview
- CISA added CVE-2025-33073 to its Known Exploited Vulnerabilities catalog after confirming in-the-wild abuse.
- The flaw, rated CVSS 8.8, affects Windows 10, Windows 11 up to 24H2, and all supported versions of Windows Server.
- Microsoft issued a fix in June and detailed attacks that coerce a target machine to authenticate to an attacker-controlled SMB server, enabling elevation to SYSTEM.
- Under BOD 22-01, federal civilian agencies must patch or remove affected systems by November 10, and CISA urges all organizations to prioritize updates and monitor SMB traffic.
- Microsoft has not publicly commented on CISA's exploitation claims, and CISA simultaneously added other flaws to KEV, including Oracle E-Business Suite CVE-2025-61884.
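The attack described above relies on coercing a Windows host into opening an outbound SMB session to a server the attacker controls, so one practical way to follow CISA's advice to monitor SMB traffic is to flag outbound TCP/445 connections from endpoints to destinations that are not known file servers or domain controllers. The script below is an added example, not code from CISA, Microsoft or the overview above: the log lines, the `KNOWN_SMB_SERVERS` allowlist and the internal network range are all constructed placeholders that an operator would replace with their own inventory.

```python
"""Flag outbound SMB (TCP/445) connections to unexpected destinations.

Added example for triaging connection logs after CVE-2025-33073 patching;
the log format, allowlist and network ranges below are constructed.
"""
import ipaddress

# Constructed sample of outbound connection records: timestamp followed by key=value fields.
SAMPLE_LOG = """\
2025-10-21T09:14:02Z src=10.0.5.23 dst=10.0.1.10 dport=445 proto=tcp
2025-10-21T09:14:05Z src=10.0.5.23 dst=10.0.1.11 dport=445 proto=tcp
2025-10-21T09:15:40Z src=10.0.5.23 dst=203.0.113.7 dport=445 proto=tcp
2025-10-21T09:16:01Z src=10.0.5.44 dst=10.0.9.77 dport=445 proto=tcp
2025-10-21T09:16:09Z src=10.0.5.44 dst=10.0.1.10 dport=443 proto=tcp
"""

# Hypothetical allowlist of hosts that legitimately serve SMB (file servers, DCs).
KNOWN_SMB_SERVERS = {"10.0.1.10", "10.0.1.11"}
# Hypothetical internal address space; anything outside it is treated as external.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def parse_line(line):
    """Parse 'ts k=v k=v ...' into a dict; dport is converted to int."""
    parts = line.split()
    rec = dict(kv.split("=", 1) for kv in parts[1:])
    rec["ts"] = parts[0]
    rec["dport"] = int(rec["dport"])
    return rec


def classify_destination(dst):
    """Return 'allowlisted', 'internal-unlisted' or 'external' for a destination IP."""
    if dst in KNOWN_SMB_SERVERS:
        return "allowlisted"
    ip = ipaddress.ip_address(dst)
    if any(ip in net for net in INTERNAL_NETS):
        return "internal-unlisted"
    return "external"


def find_unexpected_smb(log_text):
    """Return alerts for TCP/445 connections whose destination is not allowlisted.

    An external destination is the pattern a coerced authentication to an
    attacker-controlled SMB server would produce; an unlisted internal host
    is lower severity but still worth a look (rogue or unmanaged SMB listener).
    """
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["dport"] != 445 or rec["proto"] != "tcp":
            continue
        verdict = classify_destination(rec["dst"])
        if verdict == "allowlisted":
            continue
        alerts.append({
            "ts": rec["ts"],
            "src": rec["src"],
            "dst": rec["dst"],
            "severity": "high" if verdict == "external" else "medium",
            "reason": verdict,
        })
    return alerts


if __name__ == "__main__":
    for alert in find_unexpected_smb(SAMPLE_LOG):
        print(f'{alert["ts"]} {alert["src"]} -> {alert["dst"]} '
              f'[{alert["severity"]}] {alert["reason"]}')
```

Run against the constructed sample, the script reports two connections: the workstation reaching an external address on port 445 (high severity) and another reaching an internal host that is not on the allowlist (medium). Feeding it real firewall or NetFlow exports only requires adapting `parse_line` to that format; the allowlist and internal ranges should come from the organization's own asset inventory.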