#Windows Local Security Authority (LSA)

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.

**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could impersonate the group Managed Service Account (gMSA) to perform actions or access resources over the network.

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a contained execution environment escape. Please refer to https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.