CVE-2025-33073
Published Jun 10, 2025
Last updated 3 months ago
AI description
CVE-2025-33073 is an elevation of privilege vulnerability affecting the Windows Server Message Block (SMB) client. It stems from improper access control within Windows SMB, potentially allowing an authorized attacker to elevate privileges over a network. To exploit this vulnerability, an attacker could execute a specially crafted script. This script would coerce the victim machine to connect back to the attacker's system using SMB and authenticate, potentially resulting in the attacker gaining SYSTEM privileges.
- Description
- Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows SMB Client Improper Access Control Vulnerability
- Exploit added on
- Oct 20, 2025
- Exploit action due
- Nov 10, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-284
- Hype score
- Not currently trending
⚠️ Critical Windows vuln (CVE-2025-33073) still widespread 7+ months after June 2025 patch! NTLM reflection bypass lets attackers coerce SMB auth (via PetitPotam/DFSCoerce), relay to own AD domains, & gain SYSTEM privileges—even bypassing SMB signing via cross-protocol
@NewsLive360
23 Jan 2026
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Lots of recent posts on NTLM reflection → AD compromise. To be clear: real fix is CVE-2025-54918, not CVE-2025-33073. Until Oct 2025, any user could own a 2025 domain if DCs ran Print Spooler. https://t.co/6098AHxhYM
@decoder_it
21 Jan 2026
9363 Impressions
45 Retweets
162 Likes
122 Bookmarks
0 Replies
0 Quotes
🚨 The Silent SMB Killer: How #CVE-2025-33073 Defeats SMB Signing and Lets You PWN a Domain Controller in Seconds + Video https://t.co/cz9RP5eD1e Educational Purposes!
@UndercodeUpdate
21 Jan 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hard truth: Your "patched" Windows environment might still be wide open It’s been over six months since the fix for CVE-2025-33073, yet we are still seeing attackers bypass basic defences to dominate Active Directory. #CyberSecurity #InfoSec #ActiveDirectory #CISO #ACCESSYSTEM
@ACCESSYSTEM_IT
21 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Windows SMB Client vulnerability (CVE-2025-33073) exposes ActiveDirectory to NTLM reflection attacks. Apply June 2025 security updates and enforce SMB signing immediately. Link: https://t.co/vXdSq7Pz1r #Security #Vulnerability #Windows #NTLM #Update #System #Hacking http
@dailytechonx
20 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️Detection of NTLM Reflection Exploits in Windows SMB Authentication The Depth Security blog on “Using NTLM Reflection to Own Active Directory (CVE-2025-33073)” explains how attackers exploit weaknesses in Windows SMB client authentication to escalate privileges and co
@0x534c
20 Jan 2026
4527 Impressions
29 Retweets
102 Likes
71 Bookmarks
2 Replies
0 Quotes
Using NTLM Reflection to Own Active Directory (CVE-2025-33073) - Logan Diomedi https://t.co/30U85LVMuS
@pentest_swissky
16 Jan 2026
1634 Impressions
6 Retweets
29 Likes
17 Bookmarks
1 Reply
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/YbYOp88ABZ https://t.co/gC41J7yR09
@ErcanSah1n
29 Dec 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Splunk content release, ESCU 5.19 is here, and its one of our biggest releases of the year. 🌟6 New Analytic Stories 🔍31 New Analytics ⚙️71 Updated Analytics Key highlights from this release include - New Coverage for React2Shell, CVE-2025-33073 and Tuoni C2. - New Co
@nas_bench
11 Dec 2025
2115 Impressions
11 Retweets
34 Likes
11 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2017-1001000 2 - CVE-2025-33073 3 - CVE-2025-26686 4 - CVE-2025-24893 5 - CVE-2025-33053 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - uziii2208/CVE-2025-33073: Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled. https://t.co/gBxH24OFPk
@akaclandestine
15 Nov 2025
3203 Impressions
10 Retweets
40 Likes
21 Bookmarks
0 Replies
0 Quotes
GitHub - uziii2208/CVE-2025-33073: Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled. https://t.co/gBxH24OFPk
@akaclandestine
14 Nov 2025
3039 Impressions
13 Retweets
47 Likes
44 Bookmarks
0 Replies
0 Quotes
🚨 Active Windows SMB Exploit – CVE-2025-33073 🚨 A critical Windows flaw is being actively exploited — attackers can gain SYSTEM-level control on Windows 10/11 & Server. 🛡️ Patch your systems NOW (June 2025 update), block SMB (TCP 445) #CyberSecurity #PatchNow
@sabreitservices
11 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A támadók aktívan kihasználták a Windows SMB sebezhetőségét A CISA figyelmeztetést adott ki egy súlyos Windows SMB sebezhetőség aktív kihasználásáról. A CVE-2025-33073 azonosítón nyomon követett sérülékenység rendszerszintű (SYSTEM) jogosultságokat bizt
@linuxmint_hun
28 Oct 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Vulnerabilidad CVE-2025-33073 🥷 en el cliente SMB de Windows, permite ejecución remota de comandos y elevación de privilegios como SYSTEM, mediante manipulación de paquetes. Existen PoCs de exploits públicos. 🔐 POC exploit: https://t.co/3pTacow2qi https://t.co/6OA
@ciberseguridadx
27 Oct 2025
67 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Windows SMB Client Vulnerability Under Active Exploitation (CVE-2025-33073) CVE-2025-33073 is a Windows SMB Client vulnerability that Microsoft patched in June 2025, but CISA is now warning it's actively exploited in the wild. What's notable: SMB Client vulns are nasty
@the_c_protocol
27 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2021-28550 2 - CVE-2025-33073 3 - CVE-2023-20870 4 - CVE-2025-37947 5 - CVE-2025-22131 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/KQrVlVoju3 https://t.co/P75kJOX396
@SirajD_Official
26 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/vUIPwH5B2C https://t.co/2Euxx7Xrph
@scandaletti
25 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A támadók aktívan kihasználták a Windows SMB sebezhetőségét A CISA figyelmeztetést adott ki egy súlyos Windows SMB sebezhetőség aktív kihasználásáról. A CVE-2025-33073 azonosítón nyomon követett sérülékenység rendszerszintű (SYSTEM) jogosultságokat bizt
@linuxmint_hun
25 Oct 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/qrhkC41Qdd https://t.co/AGJN5HLIHs
@CloudVirtues
25 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Remember the CredMarshalInfo trick? If you hadn’t applied the June 2025 patch, CVE-2025-33073 would have been critical. We know that in NTLM local auth, msg 3 is empty:You can drop sign/seal -> from Domain User to DomainAdmin escalation. 😅 https://t.co/8BCZdnSp6B
@decoder_it
24 Oct 2025
8348 Impressions
36 Retweets
127 Likes
72 Bookmarks
2 Replies
1 Quote
SMB flaw (CVE-2025-33073) now exploited; unpatched Windows systems at risk — apply patch, restrict exposure, monitor traffic. More info in: https://t.co/4a0ynEjfaA https://t.co/rOAvugSbiI
@58Consulting
24 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of an exploited Windows SMB #ZeroDay (CVE-2025-33073). Xcape’s John Carberry: “If you haven’t patched or restricted outgoing SMB, your digital front door is unlocked.” Patch now. https://t.co/mBfbcd7mtF @SiliconAngle #Cybersecurity #XcapeInsights
@XcapeInc
24 Oct 2025
13 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Se reporta la vulnerabilidad CVE-2025-33073 en el cliente SMB de Windows. Permite ejecución remota de comandos como SYSTEM mediante manipulación de paquetes SMB. Ya existen PoC públicas y explotación activa. Se recomienda aplicar parches de seguridad https://t.co/cFtyMeo
@henryraul
23 Oct 2025
115 Impressions
4 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 CISA warns a high-severity Windows SMB flaw (CVE-2025-33073) is now actively exploited. If you haven’t updated since June 2025’s Patch Tuesday, you’re at risk. 📢 Windows 10, 11, and Server users — patch now! #CyberSecurity #WindowsUpdate #CISA #InfoSec #Microsoft
@ProgresiveRobot
22 Oct 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber Threat Intelligence 22/10/2568 backward 24 hr: ระดับ 1 (ฉุกเฉิน): Oracle E-Business Suite (CVE-2025-61882, CVE-2025-61884) เนื่องจากมีการใช้ประโยชน์จาก Zero-day อย่างแพร่หล
@PSirimajun
22 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad de SMB en Windows explotada activamente (CVE-2025-33073 con PoC) https://t.co/WvDgZCpi1X #Internet #Noticia #Tecnología #CiberSeguridad #web #Vulnerabilidad #Windows vía @SeguInfo https://t.co/PZ0CXl3JX4
@Securizame
22 Oct 2025
155 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Even though Microsoft patched CVE-2025-33073 back in June 2025, this Windows SMB flaw is still being actively exploited in the wild ⚠️ It allows privilege escalation to SYSTEM via NTLM reflection tricks, even without direct user interaction. Make sure you’ve applied the p
@connecti
22 Oct 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Важная новость! Уязвимость CVE-2025-33073 в клиентах Windows SMB активно эксплуатируется злоумышленниками. Проблема позволяет повысить привилегии до системных. Вы
@cybereye_ru
21 Oct 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) https://t.co/gWslH8F49Q #HelpNetSecurity #Cybersecurity https://t.co/emI6S6eUEa
@PoseidonTPA
21 Oct 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073: A Windows SMB flaw under active exploitation. CISA warns. It's not just a bug; it's a whisper from the frontier that security is a state of constant becoming, not a destination. Patch up. 💡 #InfoSec #CyberThreats
@nanoxbanana
21 Oct 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Emite Alerta Crítica: Vulnerabilidad CVE-2025-33073 en Cliente SMB de Windows siendo Explotada Activamente https://t.co/1PGhnHyN5A
@nksistemas
21 Oct 2025
48 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Attention, Windows users! A patch for CVE-2025-33073 is urgently needed as the SMB client vulnerability is causing a ruckus in the wild. Don’t let hackers have all the fun—update now! #WindowsForum #CyberSecurity #PatchYourPC https://t.co/nDmzr2nFF1
@windowsforum
21 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I made my @tryhackme room on NTLM Reflection (CVE-2025-33073) public. I submitted it a while ago, but never received an update. You can now join to practice the NTLM reflection vulnerability. This room covers three practical techniques you can use in real-world engagements to ht
@l1v1n9h311
21 Oct 2025
245 Impressions
0 Retweets
3 Likes
2 Bookmarks
1 Reply
0 Quotes
CISA Warns of Actively Exploited Windows SMB Vulnerability The security flaw, tracked as CVE-2025-33073, has been added to CISA’s Known Exploited Vulnerabilities catalog, https://t.co/PudHsPTINT https://t.co/nbDPK7AL2L
@RickSpairDX
21 Oct 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国CISAが、すでに悪用が確認されたWindows SMBの重大な脆弱性を警告リストに追加した。脆弱性を放置すれば、攻撃者がシステム権限を奪取する恐れがある。 問題の「CVE-2025-33073」はWindows
@yousukezan
21 Oct 2025
8570 Impressions
30 Retweets
91 Likes
40 Bookmarks
0 Replies
3 Quotes
CISA Warns of Active Exploits in Critical Windows SMB Flaw CISA has added CVE-2025-33073, a critical SMB vulnerability in Windows, to its catalog. It allows attackers to escalate privileges via crafted attacks, executing malicious scripts that force connections to https://t.co/n
@Secwiserapp
21 Oct 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks Read more: https://t.co/h2qN9Xf11g CISA issued an urgent alert on October 20, 2025, highlighting a severe vulnerability CVE-2025-33073 in Microsoft's Windows SMB Client. The vulnerability exploits the
@The_Cyber_News
21 Oct 2025
16681 Impressions
79 Retweets
297 Likes
129 Bookmarks
4 Replies
4 Quotes
CVE-2025-33073 Windows SMB脆弱性の概要と対策 https://t.co/5C6sl1yEjp #Security #セキュリティー #ニュース
@SecureShield_
21 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 The Silent Heist: #Windows SMB Flaw (#CVE-2025-33073) Actively Exploited Across the US https://t.co/bHEhbzyNRb
@UndercodeNews
20 Oct 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📝 𝐂𝐈𝐒𝐀: 𝐇𝐢𝐠𝐡-𝐬𝐞𝐯𝐞𝐫𝐢𝐭𝐲 𝐖𝐢𝐧𝐝𝐨𝐰𝐬 𝐒𝐌𝐁 𝐟𝐥𝐚𝐰 𝐧𝐨𝐰 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐞𝐝 𝐢𝐧 𝐚𝐭𝐭𝐚𝐜𝐤𝐬 • CVE-2025-33073 impacts Windows Server and Windows 10/1
@PurpleOps_io
20 Oct 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA alerta! Falha crítica no Windows SMB (CVE-2025-33073) sendo ativamente explorada para acesso SYSTEM! 💻 Se você usa Windows Server, 10 ou 11, aplique os patches de JUNHO de 2025 AGORA. Não espere o desastre! #CyberSecurity #WindowsSMB #CISA https://t.co/9T2erHgDfi
@fernandokarl
20 Oct 2025
77 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-5419 2 - CVE-2025-49144 3 - CVE-2023-39910 4 - CVE-2025-21420 5 - CVE-2025-33073 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
19 Oct 2025
177 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073: PoC Exploit for the NTLM reflection SMB flaw. Check: https://t.co/5FuycV0ksK https://t.co/bdM07o5duJ
@7h3h4ckv157
17 Oct 2025
12578 Impressions
65 Retweets
283 Likes
147 Bookmarks
3 Replies
0 Quotes
🚨CVE-2025-33073: PoC Exploit for the NTLM reflection SMB flaw GitHub: https://t.co/NPRdygyXJV ▪️GUI (Screenshot 1) ▪️CLI (2) ▪️Custom command (3) ▪️SOCKS (4) https://t.co/gd4ZIGreem
@DarkWebInformer
15 Oct 2025
11422 Impressions
46 Retweets
205 Likes
98 Bookmarks
1 Reply
0 Quotes
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 - @yaumn_ and @wil_fri3d https://t.co/WHuiDE0Tq8
@pentest_swissky
14 Oct 2025
3793 Impressions
23 Retweets
79 Likes
26 Bookmarks
2 Replies
0 Quotes
绕过SMB强制签名执行反射攻击 CVE-2025-33073反射式 Kerberos 中继攻击漏洞修复后的另一种强制认证绕过🫡 https://t.co/OljiStnCRp https://t.co/GRv5w9Xlum
@Snow_Wo1f
30 Sept 2025
204 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
How I Accidentally Found CVE-2025-33073 Presented by: Cameron Stish Find out about the discovery journey, technical exploitation details, and key lessons on detection, mitigation, and responsible disclosure regarding the CVE-2025-33073. https://t.co/X2QwvtEu3f
@ThreeRiversISec
29 Sept 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-33073 2 - CVE-2023-50428 3 - CVE-2024-30088 4 - CVE-2025-42957 5 - CVE-2025-54948 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
8 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "FCC2974E-F0F4-4F33-9CCE-2CEA45A3AD86",
"versionEndExcluding": "10.0.10240.21034"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "A94EDBE2-AAFF-4E9A-A9E5-9B02ADB94471",
"versionEndExcluding": "10.0.10240.21034"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "21CF85F1-CE6E-4AA2-B686-20766DB23D46",
"versionEndExcluding": "10.0.14393.8148"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "10F0F3D2-00CD-4F52-B31E-DEA656DBD8B3",
"versionEndExcluding": "10.0.14393.8148"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "F081F99C-6E6A-4AB2-8DE8-6457582D80D6",
"versionEndExcluding": "10.0.17763.7434"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "7D9FCD92-0CED-43D3-87E0-630B80AC1A89",
"versionEndExcluding": "10.0.17763.7434"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5667B11-7E10-4A08-89D2-253D682151C5",
"versionEndExcluding": "10.0.19044.5965"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8CB6E81-62E0-4B19-ADE9-5ADB260CB960",
"versionEndExcluding": "10.0.19045.5965"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCDDDE2C-0235-4792-905A-DDDF5D346BDC",
"versionEndExcluding": "10.0.22621.5472"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53835865-3135-4F16-9868-C96D8C5E2BED",
"versionEndExcluding": "10.0.22631.5472"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA78F5F9-AEE3-423B-B82A-9ECEF2BDADF3",
"versionEndExcluding": "10.0.26100.4270"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9B7111D-5C1D-415B-8ED4-F891B4832B18",
"versionEndExcluding": "10.0.14393.8148"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E77CCA1-2FF6-429B-85A6-81E2B7C6B08F",
"versionEndExcluding": "10.0.17763.7434"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "889A792E-8809-4A78-AABC-0567D025927A",
"versionEndExcluding": "10.0.20348.3745"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "537E7AD5-0562-490B-AB16-0805F8865C74",
"versionEndExcluding": "10.0.25398.1665"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD4BB5C4-1318-4006-9C50-0AED4E0C8A3F",
"versionEndExcluding": "10.0.26100.4270"
}
],
"operator": "OR"
}
]
}
]