PT-2024-8108 · Microsoft · Active Directory Certificate Services
Justin Bollinger
Published: 2024-10-12 · Updated: 2025-12-23
CVE-2024-49019
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Microsoft Active Directory Certificate Services (affected versions not specified)
Description
An elevation-of-privilege issue exists in Microsoft Active Directory Certificate Services. Exploitation of this issue may allow an attacker to elevate their privileges within a system. The issue is related to flaws in the authentication procedure and specifically impacts certificate templates with broad permissions. This vulnerability, also known as EKUwu or ESC15, has been actively exploited. While the exact number of affected devices is not specified, the vulnerability poses a risk to domain control. The issue involves the use of version 1 certificate templates.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Affected Products
Active Directory Certificate Services
Windows