Windows SMB Zero-Day Exploited via Kerberos Relay

June 13, 2025

Multiple WordPress Plugins Vulnerabilities

June 13, 2025

Multiple Microsoft Windows Vulnerabilities

June 13, 2025

Severity

Medium

Analysis Summary

CVE-2025-32710 CVSS:8.1

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

CVE-2025-32714 CVSS:7.8

Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.

Impact

Code Execution
Privilege Escalation

Indicators of Compromise

CVE

CVE-2025-32710
CVE-2025-32714

Affected Vendors

Microsoft

Affected Products

Microsoft Windows Server 2016
Microsoft Windows Server 2019
Windows Server 2019
Windows Server 2022
Microsoft Windows Server 2025
Windows 10 (all supported versions)
Windows 11 (all supported versions)
Windows 8.1 (if still in extended support)
Windows 7 (ESU customers only- if applicable)
Windows Server 2012 / 2012 R2

Remediation

Update to apply the appropriate patch for your system, or use the Microsoft Security Update Guide to search for available patches.

CVE-2025-32710

CVE-2025-32714

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Hacked SonicWall VPN Tool Used to Steal Data – Active IOCs

APT Hackers Abuse Microsoft ClickOnce to Deliver Trusted Malware

Multiple Google Chrome Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Windows SMB Zero-Day Exploited via Kerberos Relay

Multiple WordPress Plugins Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation