Movin' On Up: An Analysis of The Privilege Escalation Vulnerability CVE-2022-26923

This article provides analysis of CVE-2022–26923, a vulnerability at the intersection of Active Directory (AD) and Active Directory Certificate Services (AD CS) that was discovered and reported privately through Zero Day Initiative by Oliver Lyak and patched on May 10, 2022, which allowed for a low-privileged attacker to escalate their privileges through impersonation of another computer account under the guise of a requested authentication certificate.

As the go-to directory service from Microsoft for Windows domain networks, Active Directory (AD), …

activedirectory analysis cve cve-2022-26923 escalation privilege privilege escalation security vulnerability