Platform: windows
Component: windows-kernel
Fixed in: 10.0.10241, 10.0.14394, 10.0.17764, 10.0.19045, 10.0.19046, 10.0.22622, 10.0.22632, 10.0.26101
CVE-2025-33067 describes an improper privilege management flaw within the Windows Kernel. This vulnerability allows an unauthorized attacker to escalate their privileges locally, potentially gaining control over the affected system. The issue impacts Windows versions up to and including 10.0.26100.4349, and a patch is available.
Successful exploitation of CVE-2025-33067 grants an attacker the ability to elevate their privileges on a compromised Windows system. This means a standard user could gain administrator or SYSTEM-level access, enabling them to install malware, modify system configurations, steal sensitive data, and potentially pivot to other systems on the network. The impact is significant, as it bypasses standard access controls and allows for complete system compromise. While the description doesn't specify a particular attack vector, privilege escalation vulnerabilities often rely on exploiting weaknesses in system services or drivers.
CVE-2025-33067 was published on 2025-06-10. The EPSS score is pending evaluation. No public proof-of-concept exploits are currently known. It is not listed on the CISA KEV catalog at the time of writing.
Organizations running Windows operating systems, particularly those with legacy configurations or systems that have not been regularly patched, are at risk. Environments with weak access controls or a high number of privileged accounts are also more vulnerable, as successful exploitation could lead to widespread compromise.
• windows / supply-chain:
  # Replace 'suspect_process_name' with the process name under investigation
  Get-Process -ErrorAction SilentlyContinue | Where-Object {$_.ProcessName -match 'suspect_process_name'}
• windows / supply-chain:
  # Filter on the rendered event message; replace the keyword placeholder before use
  Get-WinEvent -LogName System -FilterXPath "*[System[Provider[@Name='Microsoft-Windows-Kernel-Configuration']]]" | Where-Object {$_.Message -match 'privilege_escalation_keyword'}
• windows / supply-chain: Check Autoruns for unusual entries related to privilege escalation.
• windows / supply-chain: Monitor Windows Defender for alerts related to privilege escalation attempts.
• windows / supply-chain: Use Sysinternals tools like Process Monitor to observe process behavior and identify suspicious activity.
disclosure
Exploit Status
EPSS: 0.36% (percentile 58%)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-33067 is to upgrade to Windows version 10.0.26100.4349 or later, which includes the necessary fix. If immediate patching is not feasible, consider implementing least privilege principles to limit the potential impact of a successful attack. This includes restricting user access to only the resources and permissions they absolutely need. Regularly review and update group policies to enforce these restrictions. There are no specific WAF or proxy rules that can directly mitigate this kernel-level vulnerability; patching is essential. After upgrading, confirm the fix by checking the Windows build version.
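One way to do the build check described above, as an added PowerShell example that is not part of the advisory. It assumes the fixed build 10.0.26100.4349 from the text; the function names and the sample builds are constructed for illustration.

```powershell
# Added example, not from the advisory. The threshold is the build named in the
# remediation text above; it only settles machines on the 26100 branch.
$FixedBuild = [version]'10.0.26100.4349'

function Get-LocalWindowsBuild {
    # CurrentBuildNumber (string) and UBR (update build revision, DWORD) are
    # the registry values behind the "OS Build" shown by winver.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [version]('{0}.{1}.{2}.{3}' -f $cv.CurrentMajorVersionNumber,
        $cv.CurrentMinorVersionNumber, $cv.CurrentBuildNumber, $cv.UBR)
}

function Test-FixedBuild {
    param(
        [Parameter(Mandatory)] [version] $Build,
        [version] $Fixed = $FixedBuild
    )
    $sameBranch = $Build.Major -eq $Fixed.Major -and
                  $Build.Minor -eq $Fixed.Minor -and
                  $Build.Build -eq $Fixed.Build
    if (-not $sameBranch) {
        # Revisions are per servicing branch, so a cross-branch comparison
        # proves nothing; report it instead of guessing.
        $status = 'Unknown'
        $detail = "No fixed revision for branch $($Build.Build) in the text; check the Microsoft Security Update Guide."
    }
    elseif ($Build.Revision -ge $Fixed.Revision) {
        $status = 'Patched'
        $detail = "Revision $($Build.Revision) is at or above $($Fixed.Revision)."
    }
    else {
        $status = 'Update missing'
        $detail = "Revision $($Build.Revision) is below $($Fixed.Revision)."
    }
    [pscustomobject]@{ Build = $Build.ToString(); Status = $status; Detail = $detail }
}

# Local machine first, then constructed sample builds that exercise each outcome.
$samples = '10.0.26100.4061', '10.0.26100.4349', '10.0.19045.5965'
@(Get-LocalWindowsBuild) + $samples |
    ForEach-Object { Test-FixedBuild -Build $_ } |
    Format-Table -AutoSize -Wrap
```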
Update your Windows operating system to the latest available version through Windows Update. This installs the security fixes needed to mitigate the elevation-of-privilege vulnerability in the Windows kernel. See the Microsoft security bulletin for details on the specific update.
CVE-2025-33067 is a HIGH severity privilege escalation vulnerability in the Windows Kernel, allowing attackers to gain elevated privileges locally.
You are affected if you are running Windows versions up to and including 10.0.26100.4349.
Upgrade to Windows version 10.0.26100.4349 or later to remediate the vulnerability.
No public proof-of-concept exploits are currently known, but active exploitation cannot be ruled out.
Refer to the Microsoft Security Update Guide for the latest information and advisory details.