A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by Microsoft on June 10, 2025, this flaw allows low-privileged Active Directory users to escalate privileges to NT AUTHORITY\SYSTEM on domain-joined Windows systems that do not enforce SMB signing. The attack leverages […]

The post Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Source: gbHackers
Source Link: https://gbhackers.com/windows-smb-client-zero-day-vulnerability/