Windows SMB Client Elevation of Privilege Vulnerability - CVE-2025-33073 - actively exploited in the wild

You may know the CVE-2025-33073 being reported actively exploited in the wild now.

Exploitation depends on two key conditions:

• SMB coercion must be possible

• SMB signing must not be strictly enforced on the target system

Reference: https://learn.microsoft.com/zh-cn/windows-server/storage/file-server/smb-signing?tabs=group-policy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073

https://learn.microsoft.com/en-us/windows-server/storage/file-server/smb-signing?tabs=group-policy

https://socprime.com/blog/cve-2025-33073-zero-day-vulnerability/

https://www.vicarius.io/vsociety/posts/cve-2025-33073-mitigation-script-improper-access-control-in-windows-smb-affects-microsoft-products

Windows SMB Client Elevation of Privilege Vulnerability - CVE-2025-33073 - actively exploited in the wild