CVE-2022-26925
Microsoft Windows LSA Spoofing Vulnerability
CVSS
—
Sin CVSS
EPSS
10.5%
p95
KEV
SÍ
1 jul 2022
Exploit Today
79
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows LSA Spoofing Vulnerability
Añadido a KEV
1 jul 2022
Remediar antes de
22 jul 2022
Uso conocido en ransomware
No
Descripción resumida
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Acción requerida
Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].
Notas
WARNING: This update is required on all Microsoft Windows endpoints but if deployed to domain controllers without additional configuration changes the update breaks PIV/CAC authentication. Read CISA implementation guidance carefully before deploying to domain controllers.; https://nvd.nist.gov/vuln/detail/CVE-2022-26925