CVE-2026-25177
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Tags
Description
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Analysis
Privilege escalation in Windows Active Directory Domain Services (AD DS) across Windows 11, Windows 10, and Windows Server platforms allows authenticated network attackers to gain elevated privileges by exploiting improper validation of resource naming restrictions. An attacker with valid domain credentials can leverage this vulnerability to escalate their access level without user interaction. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all AD Domain Services deployments and identify systems running vulnerable versions; notify network and identity teams to increase monitoring for suspicious privilege escalation activity. Within 7 days: Implement network segmentation to restrict lateral movement from standard user accounts to sensitive AD infrastructure; review and enforce strict AD object naming policies to limit resource name manipulation. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today