Monday, June 27, 2022

Hunting for sAMAccountName Spoofing (CVE-2021-42278) & Domain Controller Impersonation


On November 9, 2021, Microsoft released patches to address two vulnerabilities that affect Windows Active Directory domain controllers: sAMAccountName Spoofing (CVE-2021-42278) and Domain Controller Impersonation (CVE-2021-42287). On December 10, 2021, security researcher Charlie Clark released a blog post where he shared how to weaponize these vulnerabilities. Public exploit code quickly followed.

CVE-2021-42278 and CVE-2021-42287 allow an adversary with access to low-privileged do…

