Threat Intelligence Briefing CVE-2025-33073

+44 121 817 4636 Request a quote

CVE-2025-33073 has been described by Microsoft as an elevation of privilege vulnerability but would be more correctly described as a locally exploitable authenticated RCE as system that affects Windows 10 and above.

A patch was released in June 2025, as was a POC and several detailed write ups. CISA described the vulnerability as being under active exploitation in October 2025. While a patch is available and has been for 4 months, the vulnerability can also be mitigated through configuration changes.

LRQA’s Threat Intelligence team has performed an in-depth analysis of the technical root cause of this vulnerability. Download the full report to learn more about CVE-2025-33073, including:

Mitigation and detection
Information on the vulnerability
Insight into why this vulnerability is remote only

CVE 2025 33073