CVE-2025-53779

Опубликовано: 12 авг. 2025

Источник: msrc

CVSS3: 7.2

EPSS Низкий

Описание

Windows Kerberos Elevation of Privilege Vulnerability

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

To successfully exploit this vulnerability, an attacker would need to have elevated access to certain attributes of the dMSA, specifically:

msds-groupMSAMembership: This attribute allows the user to utilize the dMSA.
msds-ManagedAccountPrecededByLink: The attacker needs write access to this attribute, which allows them to specify a user that the dMSA can act on behalf of.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain domain administrator privileges.

Продукт	Статья	Обновление
Windows Server 2025	5063878 5064010	Security Update SecurityHotpatchUpdate
Windows Server 2025 (Server Core installation)	5063878 5064010	Security Update SecurityHotpatchUpdate

Показывать по

Publicly Disclosed

Yes

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 36%

0.00151

Низкий

7.2 High

CVSS3

CVE-2025-53779

CVSS3: 7.2

nvd

около 1 месяца назад

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

GHSA-93cj-3754-25wf

CVSS3: 7.2

github

около 1 месяца назад

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

EPSS

Процентиль: 36%

0.00151

Низкий

7.2 High

CVSS3