Active Directory Series: Critical Profiled Vulnerabilities

Critical Profiled Vulnerabilities in Active Directory

Vulnerability Overview

Attackers and penetration testers check for various vulnerabilities when targeting Active Directory environments. Secured’s KEV Catalog Series aims to explain how attackers detect and exploit these vulnerabilities to provide greater awareness of these common attack methods. This post provides an ongoing list of Active Directory vulnerabilities that Secured has reviewed in detail. These vulnerability are categorized off of the Orange CyberDefense AD penetration testing mind map, which can be found here.

Noncredentialed, Quick Compromise Vulnerabilities:

Low Access User Privilege Escalation Vulnerabilities

Credentialed, Known Vulnerabilities