CVE-2022-26923: Microsoft Active Directory Domain Services Privilege

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability. An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.

• CISA KEV-listed (remediation due 2022-09-08)
• EPSS 91.6% (99.7% percentile)

Detection rules

• Certificate Use With No Strong Mapping medium

Browse the CVE database

Read the full analysis on IntelFusions