Logan Diomedi | Depth Security

Penetration Testing
Industries
Company
- Who We Are
- Careers
Resources
- Tools
- Blog
Contact Us

Penetration Testing
Industries
Company
- Who We Are
- Careers
Resources
- Tools
- Blog
Contact Us

By

Logan Diomedi

Successful SMB->SMB Relay With CVE-2025-33073

14

Jan

Using NTLM Reflection to Own Active Directory (CVE-2025-33073)

January 14, 2026Logan DiomediBlog

Like many other pentesters and offensive security professionals out there, we’ve been getting a ton of mileage out of CVE-2025-33073. Microsoft describes this vulnerability as “Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.”

KMBS Security Services

Depth Security is a division of Konica Minolta Business Solutions U.S.A., Inc. For updates from Konica Minolta, follow our social media channels:

Quick Links

Penetration Testing
Industries
Company
Resources

Contact Us

info@depthsecurity.com

(816) 299 4123

By continuing to use our site, you agree to our updated Privacy Policy