Certifried ADCS Privilege Escalation PoC | allinfosecnews.com

May 11, 2022, 11:56 a.m. | /u/an0n_r0

cybersecurity www.reddit.com

Just recreated the PoC for CVE-2022-26923 ("Certifried") Windows Active Directory Privilege Escalation vulnerability. From low-privileged user to domain admin in a couple of (relatively easy) steps:

tweet: [https://twitter.com/an0n\_r0/status/1524181212868325380](https://twitter.com/an0n_r0/status/1524181212868325380)
little bit more details: [https://www.linkedin.com/feed/update/urn:li:activity:6929953880982069249/](https://www.linkedin.com/feed/update/urn:li:activity:6929953880982069249/)

and the full write-up by /u/ly4k_ who discovered this amazing vulnerability: [https://research.ifcr.dk /certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4](https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4)

adcs cybersecurity escalation poc privilege privilege escalation

More from www.reddit.com / cybersecurity

Security awareness VS human risk management - why the term you use matters 4 hours ago | www.reddit.com

awareness computers cybersecurity focus +14

USPS Scam SMS - Link Discussion 4 hours ago | www.reddit.com

cybersecurity domain domain name link +10

Top cybersecurity stories for the week of 04-15-24 to 04-19-24 6 hours ago | www.reddit.com

ciso cyber cyber security cybersecurity +8

Cyberattack Takes Frontier Communications Offline 9 hours ago | www.reddit.com

com communications cyberattack cybersecurity +2

Antivirus: Essential tool or outdated tech for Cyber Pros? 10 hours ago | www.reddit.com

antivirus antivirus software community cyber +18

Update on previous post “best security practices in gaming development” 11 hours ago | www.reddit.com

can ciso cybersecurity engine +10

Should I be learning Cybersecurity on my primary machine? 21 hours ago | www.reddit.com

accounting auditor cybersecurity free +7

QSA Says we Can't Provide Public WiFi 23 hours ago | www.reddit.com

campus can cybersecurity event +13

Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | … 23 hours ago | www.reddit.com

bureau chinese chinese government critical +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States

View on infosec-jobs.com

Associate DevSecOps Engineer

@ LinQuest | Los Angeles, California, United States

View on infosec-jobs.com

DORA Compliance Program Manager

@ Resillion | Brussels, Belgium

View on infosec-jobs.com

Head of Workplace Risk and Compliance

@ Wise | London, United Kingdom

View on infosec-jobs.com