CVE-2025-60704: Windows Kerberos Elevation of Privilege Vulnerability

How could an attacker exploit this vulnerability?

When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk. In one such scenario for this vulnerability, the attacker could convince a victim to connect to an attacker controlled malicious application (for example, SMB) server. Upon connecting, the malicious server could compromise the protocol.