CVE-2025-33070

Published Jun 10, 2025

Last updated 19 hours ago

CVSS high 8.1
Windows Netlogon

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-33070 is an elevation of privilege vulnerability affecting Windows Netlogon. It stems from the use of an uninitialized resource within the Netlogon service. An unauthorized attacker can exploit this vulnerability to elevate their privileges over a network. This can be achieved by sending specially crafted authentication requests to affected domain controllers. Successful exploitation could allow an attacker to gain domain administrator privileges, potentially giving them significant control over the domain controller.

Description
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
Source
secure@microsoft.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-908

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

31

  1. If you run or defend a Windows/AD environment you really should have this Netlogon domain escalation of privilege vulnerability (CVE-2025-33070) on your radar screen. https://t.co/kUUXcsoYXU

    @arekfurt

    11 Jun 2025

    16376 Impressions

    38 Retweets

    170 Likes

    171 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2025-33070 is an auth bypass in the function NetrServerAuthenticate3 - which is the same function of ZeroLogon. But you need to force the DC into an out-of-memory state first to trigger the bug.

    @guhe120

    10 Jun 2025

    4713 Impressions

    6 Retweets

    53 Likes

    10 Bookmarks

    2 Replies

    1 Quote

References

Sources include official advisories and independent security research.