CVE-2022-26923βMicrosoft Active Directory Domain Services Privilege Escalation Vulnerability
PUBLISHEDvulnerability record
2022-08-18 Β· last modified June 21, 2025
Metadata
Vulnerability Name
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
Description
An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.