CVE-2025-33073
Published Jun 10, 2025
Last updated 6 months ago
AI description
CVE-2025-33073 is an elevation of privilege vulnerability affecting the Windows Server Message Block (SMB) client. It stems from improper access control within Windows SMB, potentially allowing an authorized attacker to elevate privileges over a network. To exploit this vulnerability, an attacker could execute a specially crafted script. This script would coerce the victim machine to connect back to the attacker's system using SMB and authenticate, potentially resulting in the attacker gaining SYSTEM privileges.
- Description
- Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows SMB Client Improper Access Control Vulnerability
- Exploit added on
- Oct 20, 2025
- Exploit action due
- Nov 10, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-284
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
2
Windows認証のリフレクション攻撃を防ぐCVE-2025-33073のパッチを、Unicode文字の正規化のずれを突いて完全に迂回する新手法が公開されています。リフレクション攻撃とは、被害者に発行させた認証情報を被害者自
@MalwareBibleJP
30 Apr 2026
765 Impressions
1 Retweet
6 Likes
4 Bookmarks
0 Replies
0 Quotes
Authentication reflection attacks are still not dead! In our new blogpost series, @yaumn_ shares his journey into bypassing the mitigations of CVE-2025-33073 to pop SYSTEM shells again🚀 👇 https://t.co/pbZ2KjXq7Q
@Synacktiv
27 Apr 2026
10969 Impressions
49 Retweets
138 Likes
70 Bookmarks
2 Replies
2 Quotes
Authentication reflection attacks are still not dead! In our new blogpost series, @yaumn_ shares his journey into bypassing the mitigations of CVE-2025-33073 to pop SYSTEM shells again🚀 👇 https://t.co/JEwoQOBAfG
@Synacktiv
27 Apr 2026
1409 Impressions
13 Retweets
25 Likes
12 Bookmarks
2 Replies
1 Quote
Cyber risk is business risk. The ongoing exploitation of CVE-2025-33073 is a stark reminder that you can't afford to overlook your cybersecurity measures. Is your IT ready? https://t.co/PLie2AAw1C
@baral_IT
7 Apr 2026
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers exploited CVE-2025-33073 by coercing domain-joined machines to authenticate to malicious SMB servers, achieving SYSTEM-level access. TRC analysis shows the attack chain enabled lateral movement to domain controllers and full domain compromise through DCSync operations.
@aviatrixtrc
31 Mar 2026
134 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Cyberpandemie en vue : Le retour des failles SMB, version 2026. WannaCry wormisait tout avec EternalBlue. La CVE-2025-33073 permet à n’importe quel utilisateur normal d’obtenir les droits SYSTEM sur une machine via NTLM Reflection. https://t.co/Mg1BLodNpx https://t.c
@HaboubiAnis
30 Mar 2026
7115 Impressions
22 Retweets
64 Likes
52 Bookmarks
1 Reply
1 Quote
Praetorian walked through the full chain on March 27: CVE-2025-33073 gives any domain user SYSTEM on hosts without SMB signing. Add unconstrained delegation, and one hop later you have the DC's TGT from LSASS and a DCSync to krbtgt.
@AlexeiBelous
30 Mar 2026
134 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem https://t.co/lQvevpwxY8
@warthogtk
28 Mar 2026
163 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 enables NTLM reflection attacks that give attackers SYSTEM access on vulnerable Windows hosts. When combined with unconstrained delegation, a single compromised server can lead to full Active Directory domain compromise. https://t.co/EXcYcd6p78 https://t.co/4pgYCTG
@bytecodevm
28 Mar 2026
150 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 resurrects NTLM reflection attacks, enabling domain compromise through unconstrained delegation hosts without admin access. Any domain user can now exploit unpatched systems to capture DC TGTs and DCSync. #DFIR_Radar https://t.co/8SVaAc9wvL
@DFIR_Radar
27 Mar 2026
539 Impressions
1 Retweet
7 Likes
1 Bookmark
1 Reply
0 Quotes
🔓 CVE-2025-33073: Any domain user → SYSTEM → DC TGT → domain compromise. No admin needed. SMB signing on DCs won’t save you. https://t.co/9DLn8dBs66 #theguardplatform #offensivesecurity https://t.co/BogiCiKqCp
@praetorianlabs
27 Mar 2026
12317 Impressions
39 Retweets
107 Likes
73 Bookmarks
0 Replies
1 Quote
RelayKing-Depth NTLM relay scanner. It scans SMB, LDAP/S, MSSQL, HTTP/S, RPC, and WinRM, and detects WebDAV WebClient, CVE-2025-33073 (NTLM reflection), NTLMv1, as well as issues such as PrinterBug, PetitPotam and similar weaknesses https://t.co/QnN34UYBnL #redteam #pentesting
@co11ateral
14 Mar 2026
9 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ Critical Windows vuln (CVE-2025-33073) still widespread 7+ months after June 2025 patch! NTLM reflection bypass lets attackers coerce SMB auth (via PetitPotam/DFSCoerce), relay to own AD domains, & gain SYSTEM privileges—even bypassing SMB signing via cross-protocol
@NewsLive360
23 Jan 2026
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Lots of recent posts on NTLM reflection → AD compromise. To be clear: real fix is CVE-2025-54918, not CVE-2025-33073. Until Oct 2025, any user could own a 2025 domain if DCs ran Print Spooler. https://t.co/6098AHxhYM
@decoder_it
21 Jan 2026
9363 Impressions
45 Retweets
162 Likes
122 Bookmarks
0 Replies
0 Quotes
🚨 The Silent SMB Killer: How #CVE-2025-33073 Defeats SMB Signing and Lets You PWN a Domain Controller in Seconds + Video https://t.co/cz9RP5eD1e Educational Purposes!
@UndercodeUpdate
21 Jan 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hard truth: Your "patched" Windows environment might still be wide open It’s been over six months since the fix for CVE-2025-33073, yet we are still seeing attackers bypass basic defences to dominate Active Directory. #CyberSecurity #InfoSec #ActiveDirectory #CISO #ACCESSYSTEM
@ACCESSYSTEM_IT
21 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Windows SMB Client vulnerability (CVE-2025-33073) exposes ActiveDirectory to NTLM reflection attacks. Apply June 2025 security updates and enforce SMB signing immediately. Link: https://t.co/vXdSq7Pz1r #Security #Vulnerability #Windows #NTLM #Update #System #Hacking http
@dailytechonx
20 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️Detection of NTLM Reflection Exploits in Windows SMB Authentication The Depth Security blog on “Using NTLM Reflection to Own Active Directory (CVE-2025-33073)” explains how attackers exploit weaknesses in Windows SMB client authentication to escalate privileges and co
@0x534c
20 Jan 2026
4527 Impressions
29 Retweets
102 Likes
71 Bookmarks
2 Replies
0 Quotes
Using NTLM Reflection to Own Active Directory (CVE-2025-33073) - Logan Diomedi https://t.co/30U85LVMuS
@pentest_swissky
16 Jan 2026
1634 Impressions
6 Retweets
29 Likes
17 Bookmarks
1 Reply
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/YbYOp88ABZ https://t.co/gC41J7yR09
@ErcanSah1n
29 Dec 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Splunk content release, ESCU 5.19 is here, and its one of our biggest releases of the year. 🌟6 New Analytic Stories 🔍31 New Analytics ⚙️71 Updated Analytics Key highlights from this release include - New Coverage for React2Shell, CVE-2025-33073 and Tuoni C2. - New Co
@nas_bench
11 Dec 2025
2115 Impressions
11 Retweets
34 Likes
11 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2017-1001000 2 - CVE-2025-33073 3 - CVE-2025-26686 4 - CVE-2025-24893 5 - CVE-2025-33053 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - uziii2208/CVE-2025-33073: Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled. https://t.co/gBxH24OFPk
@akaclandestine
15 Nov 2025
3203 Impressions
10 Retweets
40 Likes
21 Bookmarks
0 Replies
0 Quotes
GitHub - uziii2208/CVE-2025-33073: Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled. https://t.co/gBxH24OFPk
@akaclandestine
14 Nov 2025
3039 Impressions
13 Retweets
47 Likes
44 Bookmarks
0 Replies
0 Quotes
🚨 Active Windows SMB Exploit – CVE-2025-33073 🚨 A critical Windows flaw is being actively exploited — attackers can gain SYSTEM-level control on Windows 10/11 & Server. 🛡️ Patch your systems NOW (June 2025 update), block SMB (TCP 445) #CyberSecurity #PatchNow
@sabreitservices
11 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A támadók aktívan kihasználták a Windows SMB sebezhetőségét A CISA figyelmeztetést adott ki egy súlyos Windows SMB sebezhetőség aktív kihasználásáról. A CVE-2025-33073 azonosítón nyomon követett sérülékenység rendszerszintű (SYSTEM) jogosultságokat bizt
@linuxmint_hun
28 Oct 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Vulnerabilidad CVE-2025-33073 🥷 en el cliente SMB de Windows, permite ejecución remota de comandos y elevación de privilegios como SYSTEM, mediante manipulación de paquetes. Existen PoCs de exploits públicos. 🔐 POC exploit: https://t.co/3pTacow2qi https://t.co/6OA
@ciberseguridadx
27 Oct 2025
67 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Windows SMB Client Vulnerability Under Active Exploitation (CVE-2025-33073) CVE-2025-33073 is a Windows SMB Client vulnerability that Microsoft patched in June 2025, but CISA is now warning it's actively exploited in the wild. What's notable: SMB Client vulns are nasty
@the_c_protocol
27 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2021-28550 2 - CVE-2025-33073 3 - CVE-2023-20870 4 - CVE-2025-37947 5 - CVE-2025-22131 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/KQrVlVoju3 https://t.co/P75kJOX396
@SirajD_Official
26 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/vUIPwH5B2C https://t.co/2Euxx7Xrph
@scandaletti
25 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A támadók aktívan kihasználták a Windows SMB sebezhetőségét A CISA figyelmeztetést adott ki egy súlyos Windows SMB sebezhetőség aktív kihasználásáról. A CVE-2025-33073 azonosítón nyomon követett sérülékenység rendszerszintű (SYSTEM) jogosultságokat bizt
@linuxmint_hun
25 Oct 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073 - SMB Client Privilege Escalation vulnerability exploited in the wild https://t.co/qrhkC41Qdd https://t.co/AGJN5HLIHs
@CloudVirtues
25 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Remember the CredMarshalInfo trick? If you hadn’t applied the June 2025 patch, CVE-2025-33073 would have been critical. We know that in NTLM local auth, msg 3 is empty:You can drop sign/seal -> from Domain User to DomainAdmin escalation. 😅 https://t.co/8BCZdnSp6B
@decoder_it
24 Oct 2025
8348 Impressions
36 Retweets
127 Likes
72 Bookmarks
2 Replies
1 Quote
SMB flaw (CVE-2025-33073) now exploited; unpatched Windows systems at risk — apply patch, restrict exposure, monitor traffic. More info in: https://t.co/4a0ynEjfaA https://t.co/rOAvugSbiI
@58Consulting
24 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of an exploited Windows SMB #ZeroDay (CVE-2025-33073). Xcape’s John Carberry: “If you haven’t patched or restricted outgoing SMB, your digital front door is unlocked.” Patch now. https://t.co/mBfbcd7mtF @SiliconAngle #Cybersecurity #XcapeInsights
@XcapeInc
24 Oct 2025
13 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Se reporta la vulnerabilidad CVE-2025-33073 en el cliente SMB de Windows. Permite ejecución remota de comandos como SYSTEM mediante manipulación de paquetes SMB. Ya existen PoC públicas y explotación activa. Se recomienda aplicar parches de seguridad https://t.co/cFtyMeo
@henryraul
23 Oct 2025
115 Impressions
4 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 CISA warns a high-severity Windows SMB flaw (CVE-2025-33073) is now actively exploited. If you haven’t updated since June 2025’s Patch Tuesday, you’re at risk. 📢 Windows 10, 11, and Server users — patch now! #CyberSecurity #WindowsUpdate #CISA #InfoSec #Microsoft
@ProgresiveRobot
22 Oct 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber Threat Intelligence 22/10/2568 backward 24 hr: ระดับ 1 (ฉุกเฉิน): Oracle E-Business Suite (CVE-2025-61882, CVE-2025-61884) เนื่องจากมีการใช้ประโยชน์จาก Zero-day อย่างแพร่หล
@PSirimajun
22 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad de SMB en Windows explotada activamente (CVE-2025-33073 con PoC) https://t.co/WvDgZCpi1X #Internet #Noticia #Tecnología #CiberSeguridad #web #Vulnerabilidad #Windows vía @SeguInfo https://t.co/PZ0CXl3JX4
@Securizame
22 Oct 2025
155 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Even though Microsoft patched CVE-2025-33073 back in June 2025, this Windows SMB flaw is still being actively exploited in the wild ⚠️ It allows privilege escalation to SYSTEM via NTLM reflection tricks, even without direct user interaction. Make sure you’ve applied the p
@connecti
22 Oct 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Важная новость! Уязвимость CVE-2025-33073 в клиентах Windows SMB активно эксплуатируется злоумышленниками. Проблема позволяет повысить привилегии до системных. Вы
@cybereye_ru
21 Oct 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) https://t.co/gWslH8F49Q #HelpNetSecurity #Cybersecurity https://t.co/emI6S6eUEa
@PoseidonTPA
21 Oct 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-33073: A Windows SMB flaw under active exploitation. CISA warns. It's not just a bug; it's a whisper from the frontier that security is a state of constant becoming, not a destination. Patch up. 💡 #InfoSec #CyberThreats
@nanoxbanana
21 Oct 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Emite Alerta Crítica: Vulnerabilidad CVE-2025-33073 en Cliente SMB de Windows siendo Explotada Activamente https://t.co/1PGhnHyN5A
@nksistemas
21 Oct 2025
48 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Attention, Windows users! A patch for CVE-2025-33073 is urgently needed as the SMB client vulnerability is causing a ruckus in the wild. Don’t let hackers have all the fun—update now! #WindowsForum #CyberSecurity #PatchYourPC https://t.co/nDmzr2nFF1
@windowsforum
21 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I made my @tryhackme room on NTLM Reflection (CVE-2025-33073) public. I submitted it a while ago, but never received an update. You can now join to practice the NTLM reflection vulnerability. This room covers three practical techniques you can use in real-world engagements to ht
@l1v1n9h311
21 Oct 2025
245 Impressions
0 Retweets
3 Likes
2 Bookmarks
1 Reply
0 Quotes
CISA Warns of Actively Exploited Windows SMB Vulnerability The security flaw, tracked as CVE-2025-33073, has been added to CISA’s Known Exploited Vulnerabilities catalog, https://t.co/PudHsPTINT https://t.co/nbDPK7AL2L
@RickSpairDX
21 Oct 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国CISAが、すでに悪用が確認されたWindows SMBの重大な脆弱性を警告リストに追加した。脆弱性を放置すれば、攻撃者がシステム権限を奪取する恐れがある。 問題の「CVE-2025-33073」はWindows
@yousukezan
21 Oct 2025
8570 Impressions
30 Retweets
91 Likes
40 Bookmarks
0 Replies
3 Quotes
CISA Warns of Active Exploits in Critical Windows SMB Flaw CISA has added CVE-2025-33073, a critical SMB vulnerability in Windows, to its catalog. It allows attackers to escalate privileges via crafted attacks, executing malicious scripts that force connections to https://t.co/n
@Secwiserapp
21 Oct 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "FCC2974E-F0F4-4F33-9CCE-2CEA45A3AD86",
"versionEndExcluding": "10.0.10240.21034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "A94EDBE2-AAFF-4E9A-A9E5-9B02ADB94471",
"versionEndExcluding": "10.0.10240.21034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "21CF85F1-CE6E-4AA2-B686-20766DB23D46",
"versionEndExcluding": "10.0.14393.8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "10F0F3D2-00CD-4F52-B31E-DEA656DBD8B3",
"versionEndExcluding": "10.0.14393.8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "F081F99C-6E6A-4AB2-8DE8-6457582D80D6",
"versionEndExcluding": "10.0.17763.7434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "7D9FCD92-0CED-43D3-87E0-630B80AC1A89",
"versionEndExcluding": "10.0.17763.7434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5667B11-7E10-4A08-89D2-253D682151C5",
"versionEndExcluding": "10.0.19044.5965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8CB6E81-62E0-4B19-ADE9-5ADB260CB960",
"versionEndExcluding": "10.0.19045.5965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCDDDE2C-0235-4792-905A-DDDF5D346BDC",
"versionEndExcluding": "10.0.22621.5472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53835865-3135-4F16-9868-C96D8C5E2BED",
"versionEndExcluding": "10.0.22631.5472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA78F5F9-AEE3-423B-B82A-9ECEF2BDADF3",
"versionEndExcluding": "10.0.26100.4270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B7111D-5C1D-415B-8ED4-F891B4832B18",
"versionEndExcluding": "10.0.14393.8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E77CCA1-2FF6-429B-85A6-81E2B7C6B08F",
"versionEndExcluding": "10.0.17763.7434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "889A792E-8809-4A78-AABC-0567D025927A",
"versionEndExcluding": "10.0.20348.3745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "537E7AD5-0562-490B-AB16-0805F8865C74",
"versionEndExcluding": "10.0.25398.1665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4BB5C4-1318-4006-9C50-0AED4E0C8A3F",
"versionEndExcluding": "10.0.26100.4270",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]