THREATOPS
THREAT OPSCVEs › CVE-2022-26923

CVE-2022-26923 — Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

CISA KEVExploited: confirmedMicrosoft

An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.

Vulnerability details