Improper authorization in Active Directory Certificate Services (AD CS) allows an authorized attacker to elevate privileges over a network.
What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. How could an attacker exploit this vulnerability? An authenticated attacker could manipulate attributes associated with a machine account and obtain a certificate from Active Directory Certificate Services that allows authentication as that machine via PKINIT. If a Domain Controller account can be targeted, the attacker could authenticate as the Domain Controller and gain the ability to perform privileged Active Directory operations.
<a href="https://x.com/aniqfakhrul">Aniq Fakhrul</a> <a href="https://x.com/h0j3n">Muhammad Ali</a>, <a href="https://x.com/aniqfakhrul">Aniq Fakhrul</a>, <a href="https://x.com/aniqfakhrul">Aniq Fakhrul</a> <a href="https://x.com/h0j3n">Muhammad Ali</a>