THREATOPS
THREAT OPSCVEs › CVE-2022-26925

CVE-2022-26925 — Microsoft Windows LSA Spoofing Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.

Vulnerability details