CVE-2022-26923 - Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
CVE-2022-26923
Microsoft | Active Directory
- Date Added:
- 2022-08-18
- Due Date:
- 2022-09-08
- Vulnerability Name
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
- Description
An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26923; https://nvd.nist.gov/vuln/detail/CVE-2022-26923
Free security scan for your website