Security News > 2021 > December > Two Active Directory Bugs Lead to Easy Windows Domain Takeover

A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover.

Both vulnerabilities are described as a "Windows Active Directory domain service privilege-escalation" bugs and are of high severity, with a CVSS criticality score of 7.5 out of 10.

The vulnerabilities allow attackers to easily jack up privileges to that of domain admin in unpatched Windows Active Directory domain services after impersonating a regular domain user, according to Microsoft's advisory.

Domain administrators in Windows are users that can modify the configuration of Active Directory servers and can modify any content stored there.

"​When combining these two vulnerabilities, an attacker can create a straightforward path to a domain admin user in an Active Directory environment that hasn't applied these new updates," according to the security alert.

Same Account Name refers to the sAMAccountName attribute: a logon name used to support clients and servers from previous versions of Windows, such as Windows NT 4.0, Windows 95, Windows 98 and LAN Manager.

News URL

https://threatpost.com/active-directory-bugs-windows-domain-takeover/177185/