CVE-2025-33073 is reported to let researchers reach NT AUTHORITY\SYSTEM on fully patched Windows systems, turning an authentication flaw into a high-value privilege path.
A reported proof-of-concept turns Microsoft’s recovery machinery into the security story, showing how a trusted maintenance path may matter as much as the encryption it protects.