{"uuid": "c0de9dd9-011e-43db-bad3-acb91038f4c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-33073", "type": "seen", "source": "https://threatintel.cc/2026/06/30/poc-released-for-ntlm-reflection.html", "content": "PoC Released for NTLM reflection bypass Vulnerability that Emanbles SYSTEM Access on Windows Server\n\nA newly released PoC exploits the CVE-2025-33073 vulnerability, allowing attackers to bypass NTLM reflection mitigations and gain SYSTEM access on Windows Server by leveraging SMB multiplexing and custom-port features. To mitigate this local privilege escalation, administrators are urged to enforce SMB signing, apply official Microsoft updates, and restrict privileged service outbound connections.", "creation_timestamp": "2026-06-30T16:01:05.583090Z"}