CVE-2021-42287: Microsoft Active Directory Domain Services Privilege

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability. Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.

• CISA KEV-listed (remediation due 2022-05-02)
• used in ransomware campaigns
• EPSS 94.0% (99.9% percentile)

Detection rules

• Suspicious Computer Account Name Change CVE-2021-42287 high
• Potential CVE-2021-42287 Exploitation Attempt medium
• Win Susp Computer Name Containing Samtheadmin critical

Browse the CVE database

Read the full analysis on IntelFusions