Headline
CVE-2023-35350: Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
How could an attacker exploit this vulnerability?
An attacker with Certificate Authority (CA) read access permissions can send a specially crafted request to a vulnerable Certificate Server. By default, only domain administrators are granted CA read access.