Which is a typical outcome of exploiting the EternalBlue vulnerability in a pentest?

Exploiting EternalBlue is about remote code execution through SMBv1, which lets an attacker take control of a Windows host. In a pentest, the aim is often to show how that initial foothold can be expanded across the network. Once you’ve gained access on one host, you can move laterally to other vulnerable machines using the same vector, compromising additional hosts and demonstrating network-wide reach. That lateral movement reflects the typical risk scenario: a single vulnerable machine can become a springboard to many others. While gaining control on the first host can allow admin-like access there and potentially lead to data access or exfiltration later, the most characteristic outcome of this vulnerability in a networked pentest is propagation to other hosts rather than immediate data theft or a mere DoS.