CVE-2025-55234

Name of the Vulnerable Software and Affected Versions Windows Server Message Block (SMB) versions prior to September 2025 Patch Tuesday

Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to perform relay attacks and potentially elevate privileges. Microsoft has released audit capabilities in the September 2025 security updates to help identify potential device or software incompatibility issues before deploying SMB Server hardening measures. The vulnerability is related to flaws in the authentication procedure of the Windows SMB server.

Recommendations Assess your environment by utilizing the audit capabilities released in the September 2025 security updates. Adopt appropriate SMB Server hardening measures, including enabling SMB Server signing and SMB Server Extended Protection for Authentication (EPA).