THREAT OPS › CVEs › CVE-2022-26925
CVE-2022-26925 — Microsoft Windows LSA Spoofing Vulnerability
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Vulnerability details
- Affected productsWindows
- KEV remediation due2022-07-22