CVE-2021-42278: Microsoft Active Directory Domain Services Privilege

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability. Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

• CISA KEV-listed (remediation due 2022-05-02)
• used in ransomware campaigns
• EPSS 94.1% (99.9% percentile)

Detection rules

• Potential CVE-2021-42278 Exploitation Attempt medium

Related briefings

• RansomHub (Knight/Cyclops Rebranded): CVE-2024-3400 and ZeroLogon in Sub-14-Hour Attack, PCHunter EDR Termination, FileZilla Exfiltration, and Multi-Platform Ransomware Variants 2026-02-16

Browse the CVE database

Read the full analysis on IntelFusions