THREATOPS
THREAT OPSThreat News › Bypassing Windows authentication reflection mitigations for SYSTEM shells - Part 1

Bypassing Windows authentication reflection mitigations for SYSTEM shells - Part 1

medsynacktiv

A year ago, authentication reflection vulnerabilities resurfaced as a powerful attack vector through the discovery of CVE-2025-33073 by several security researchers, including us. This logical vulnerability allowed taking over almost any Windows machine without any user interaction. Following our analysis and the official patch by Microsoft, we had a gut feeling that the root cause of the issue wa

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://www.synacktiv.com/en/publications/bypassing-windows-authentication-reflection-mitigations-for-system-shells-part-1.html