Headline
CVE-2023-35350
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Related news
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays. Alternative video link (for Russia): https://vk.com/video-149273431_456239131 As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Vulristics improvements I optimized the detection of the vulnerable product and the type […]
**How could an attacker exploit this vulnerability?** An attacker with Certificate Authority (CA) read access permissions can send a specially crafted request to a vulnerable Certificate Server. By default, only domain administrators are granted CA read access.