PT-2025-32855 · Wing Ftp+4 · Wing Ftp Server+6

Yug0Rd +1 · Published 2025-08-12 · Updated 2026-04-14 · CVE-2025-53779

CVSS v2.0: 9.0 (High), AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Windows Kerberos versions prior to the August 2025 updates

Description

A relative path traversal issue in the Windows Kerberos protocol allows an authorized attacker to elevate privileges over a network. This can be achieved by abusing delegated Managed Service Accounts (dMSA), potentially granting the attacker full control over the corporate network, including domain administrator rights. This zero-day issue was actively exploited before the release of a security update.

Recommendations

Install the August 2025 updates. Review permissions on Organizational Units, containers, and dMSA objects. Restrict the creation and modification of dMSA and their migration link attributes to Tier 0 administrators.

Fix

RCE

LPE

Relative Path Traversal

Weakness Enumeration

Related Identifiers

BDU:2025-09690
CVE-2025-53779

Affected Products

Android
Apple
Cisco Ise
Google Chrome
Windows
Windows Kerberos
Wing Ftp Server