ADCS Dangerous Misconfigurations

critical

Description

Misconfigured Windows PKI objects in Active Directory can allow a standard account to elevate its privileges to administrator.

Solution

Certain Microsoft PKI parameters can significantly affect the security of the entire Active Directory and therefore require careful configuration.

See Also

Microsoft ADCS - Abusing PKI in Active Directory Environment

Certified Pre-Owned

Indicator Details

Name: ADCS Dangerous Misconfigurations

Codename: C-PKI-DANG-ACCESS

Severity: Critical

MITRE ATT&CK Information:

Tactics: TA0003, TA0004

Techniques: T1078

Attacker Known Tools

Certipy

Certify

ForgeCert