As of July 8, 2025, there is no publicly available information regarding a vulnerability identified as CVE-2025-48802 in the Windows SMB Server. It's possible that this CVE has not been disclosed or documented in public databases.
However, there have been recent vulnerabilities related to Windows SMB that have been publicly disclosed and addressed:
- CVE-2025-33073: This is a high-severity elevation of privilege vulnerability affecting the Microsoft Windows Server Message Block (SMB) client. The flaw arises from improper handling of security contexts during the establishment of authenticated SMB sessions. An attacker-controlled SMB server can manipulate session metadata, causing the client to grant elevated privileges to untrusted operations. Exploitation requires luring an authenticated user into connecting to a malicious SMB share, potentially leading to full system compromise. Microsoft assigned this vulnerability a CVSS score of 8.8 and addressed it in the June 2025 Patch Tuesday update. (balbix.com)
- CVE-2025-24054: This vulnerability involves the external control of file names or paths in Windows NTLM, allowing unauthorized attackers to perform spoofing over a network. Exploitation can lead to the disclosure of NTLM hashes, which attackers can use for further malicious activities. Microsoft released a patch for this vulnerability on March 11, 2025. (nvd.nist.gov)
- Apply Security Updates Promptly: Ensure that all systems are updated with the latest patches provided by Microsoft.
- Enforce SMB Signing: Enable SMB signing through Group Policy to prevent unauthorized access and relay attacks.
- Monitor Network Traffic: Keep an eye on SMB traffic for unusual activity that might indicate exploitation attempts.
- Educate Users: Inform users about the risks of interacting with untrusted network shares and the importance of cautious behavior.
Source: MSRC Security Update Guide - Microsoft Security Response Center