Microsoft Windows SMB Server Relay Attack Vulnerability Allowing Elevation of Privilege
Vulnerability
A vulnerability in the Windows SMB Server could allow relay attacks, potentially leading to unauthorized elevation of privilege. The issue arises in configurations that do not implement the available hardening measures, such as SMB Server signing and Extended Protection for Authentication (EPA). An attacker who exploits it could relay authentication requests and manipulate them to gain elevated privileges on the affected system.
Impact
Successful exploitation allows an attacker to perform relay attacks, manipulating authentication to gain elevated privileges on the affected system.
Remediation
Users are advised to assess their environment using the audit capabilities provided in the September 2025 security updates. Instructions for deploying SMB Server hardening measures, including SMB Server Signing and EPA, are available in the Microsoft Knowledge Base articles KB5065429, KB5065431, KB5065428, KB5065507, KB5065509, KB5065468, KB5065510, KB5065508, KB5065511, KB5065426, KB5065474, KB5065432, KB5065306, and KB5065427.
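One way to check whether a server enforces the two hardening measures named above, as an added PowerShell example that is not part of the advisory or of Microsoft's KB instructions. It assumes that EPA on the SMB server corresponds to the SmbServerNameHardeningLevel registry value (SPN target name validation level); Test-SmbRelayHardening is a hypothetical helper name.

```powershell
# Added example: report whether SMB server signing and EPA are enforced.
# Assumption: SMB server EPA is governed by SmbServerNameHardeningLevel
# (0 or absent = off, 1 = accept if provided by client, 2 = required).

function Test-SmbRelayHardening {
    param(
        [Parameter(Mandatory)][bool]$RequireSigning,
        $SpnHardeningLevel   # $null when the registry value is absent
    )
    $findings = @()
    if (-not $RequireSigning) {
        $findings += 'SMB server signing is not required; unsigned sessions are accepted'
    }
    if ($SpnHardeningLevel -eq 2) {
        # EPA required: nothing to report
    } elseif ($SpnHardeningLevel -eq 1) {
        $findings += 'EPA is only accepted if the client provides it, not required'
    } else {
        $findings += 'EPA (SPN target name validation) is off'
    }
    [pscustomobject]@{
        RequireSigning    = $RequireSigning
        SpnHardeningLevel = $SpnHardeningLevel
        Hardened          = ($findings.Count -eq 0)
        Findings          = $findings
    }
}

# Constructed sample input: signing not required, EPA value absent
Test-SmbRelayHardening -RequireSigning $false -SpnHardeningLevel $null | Format-List

# Live check on the local server (Get-SmbServerConfiguration needs elevation)
if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
    $cfg   = Get-SmbServerConfiguration
    $key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
    $level = (Get-ItemProperty -Path $key -Name SmbServerNameHardeningLevel `
                  -ErrorAction SilentlyContinue).SmbServerNameHardeningLevel
    Test-SmbRelayHardening -RequireSigning $cfg.RequireSecuritySignature `
        -SpnHardeningLevel $level | Format-List
}
```

The script only reads configuration; it changes nothing on the server.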
