CVE-2022-26923 – Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Active Directory Domain Services This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Microsoft Windows Active Directory Certificate Services. Authentication is required to exploit this vulnerability. The specific flaw exists within the issuance of certificates. By including crafted data in a certificate request, an attacker can obtain a certificate that allows the attacker to authenticate to a domain controller with a high level of privilege. An attacker can leverage this vulnerability to escalate privileges and disclose stored credentials, leading to further compromise. An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM. • https://github.com/lsecqt/CVE-2022-26923-Powershell-POC https://github.com/r1skkam/TryHackMe-CVE-2022-26923 https://github.com/Gh-Badr/CVE-2022-26923 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26923 https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4 https://cravaterouge.github.io/ad/privesc/2022/05/11/bloodyad-and-CVE-2022-26923.html • CWE-295: Improper Certificate Validation •
CVE-2022-29104 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-29104
Windows Print Spooler Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Print Spooler. Este ID de CVE es diferente de CVE-2022-29132 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler service. By creating a symbolic link, an attacker can cause the service to load an arbitrary DLL. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29104 •
CVE-2022-30138 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-30138
Windows Print Spooler Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Print Spooler. Este ID de CVE es diferente de CVE-2022-29104, CVE-2022-29132 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler service. By creating a symbolic link, an attacker can cause the service to load an arbitrary DLL. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30138 •
CVE-2022-29114 – Windows Print Spooler Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-29114
Windows Print Spooler Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Windows Print Spooler. Este ID de CVE es diferente de CVE-2022-29140 This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler service. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29114 •
CVE-2022-26919 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26919
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows LDAP • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26919 •