all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SCCM Hierarchy Takeover with High Availability

Add to bookmarks
Feb. 21, 2024, 8:12 p.m. | Garrett Foster

Security Boulevard securityboulevard.com

TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchy


I previously wrote about how targeting site systems hosting the SMS Provider role can be used to compromise a SCCM hierarchy. In that blog, I discussed high availability (HA) for the SMS Provider which is designed to support multiple configuration manager console sessions or to support managing SCCM if the SMS provider goes offline. Since then, my coworker Chris Thompson and I started researching …

availability blog can compromise configuration management cybersecurity hierarchy high high availability hosting microsoft role sbn news sccm sms support systems takeover targeting

Visit resource

More from securityboulevard.com / Security Boulevard

Dropbox Hacked: eSignature Service Breached 13 hours ago | securityboulevard.com
application security appsec breached cloud security +39
USENIX Security ’23 – “My Privacy for their Security”: Employees’ Privacy Perspectives and Expectations when … 14 hours ago | securityboulevard.com
access authors conference employees +17
Key Areas Where Open-Source Security Needs to Evolve 15 hours ago | securityboulevard.com
cybersecurity cybersecurity experts effect experts +10
News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform 16 hours ago | securityboulevard.com
alert browser browser security capital +26
Strata Identity Names Granville Schmidt Chief Architect 16 hours ago | securityboulevard.com
advancements appointed april architect +22
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 16 hours ago | securityboulevard.com
adoption browser browser security companies +14
Survalyzer SPF and DKIM configuration: Step By Step Guideline 16 hours ago | securityboulevard.com
article blog configuration dkim +6
Vtiger SPF & DKIM Setup: Step By Step Guideline 17 hours ago | securityboulevard.com
amp blog businesses cloud +11
Spamhero SPF and DKIM configuration: Step By Step Guideline 17 hours ago | securityboulevard.com
article blog configuration dkim +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States
View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)
View on infosec-jobs.com
View more jobs