THREAT OPS › CVEs › CVE-2022-26923
CVE-2022-26923 — Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.
Vulnerability details
- Affected productsActive Directory
- KEV remediation due2022-09-08