1. Home
  2. Vulnerabilities
  3. CVE-2022-26923

CVE-2022-26923

CVSS v3.1 8.8 (High)
88% Progress
CVSS v2.0 9 (High)
90% Progress
EPSS 5.27 % (93th)
5.27% Progress
Affected Products 14
Advisories 2
NVD Status Analyzed
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Active Directory Domain Services Elevation of Privilege Vulnerability

Weaknesses
CWE-295
Improper Certificate Validation
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
Microsoft Corporation
Published Date
2022-05-10 21:15:10
(2 years ago)
Updated Date
2024-06-28 14:08:58
(2 months ago)
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description
An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.
Required Action
Apply updates per vendor instructions.
Known to be Used in Ransomware Campaigns
Unknown
Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26923; https://nvd.nist.gov/vuln/detail/CVE-2022-26923
Vendor
Microsoft
Product
Active Directory
In CISA Catalog from
2022-08-18
(2 years ago)
Due Date
2022-09-08
(2 years ago)

Affected Products

Microsoft

Configuration #1

    CPE23 From Up To
  Microsoft Windows 10 1507 prior 10.0.10240.19297 version cpe:2.3:o:microsoft:windows_10_1507 < 10.0.10240.19297
  Microsoft Windows 10 1607 prior 10.0.14393.5850 version cpe:2.3:o:microsoft:windows_10_1607 < 10.0.14393.5850
  Microsoft Windows 10 1809 prior 10.0.17763.4252 version cpe:2.3:o:microsoft:windows_10_1809 < 10.0.17763.4252
  Microsoft Windows 10 1909 prior 10.0.18363.2274 version cpe:2.3:o:microsoft:windows_10_1909 < 10.0.18363.2274
  Microsoft Windows 10 20h2 prior 10.0.19042.1706 version cpe:2.3:o:microsoft:windows_10_20h2 < 10.0.19042.1706
  Microsoft Windows 10 21h1 prior 10.0.19043.1706 version cpe:2.3:o:microsoft:windows_10_21h1 < 10.0.19043.1706
  Microsoft Windows 10 21h2 prior 10.0.19044.1706 version cpe:2.3:o:microsoft:windows_10_21h2 < 10.0.19044.1706
  Microsoft Windows 11 21h2 prior 10.0.22000.1817 version cpe:2.3:o:microsoft:windows_11_21h2 < 10.0.22000.1817
  Microsoft Windows 8.1 cpe:2.3:o:microsoft:windows_8.1:-
  Microsoft Windows Rt 8.1 cpe:2.3:o:microsoft:windows_rt_8.1:-
  Microsoft Windows Server 2012 R2 cpe:2.3:o:microsoft:windows_server_2012:r2
  Microsoft Windows Server 2016 prior 10.0.14393.5850 version cpe:2.3:o:microsoft:windows_server_2016 < 10.0.14393.5850
  Microsoft Windows Server 2019 prior 10.0.17763.4252 version cpe:2.3:o:microsoft:windows_server_2019 < 10.0.17763.4252
  Microsoft Windows Server 2022 prior 10.0.20348.1668 version cpe:2.3:o:microsoft:windows_server_2022 < 10.0.20348.1668