Improper Authorization in Windows and Windows Server - CVE-2026-54121
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote user to escalate privileges.
The vulnerability exists due to improper authorization in Active Directory Certificate Services (AD CS) when processing certificate requests for manipulated machine account attributes. A remote user can manipulate attributes associated with a machine account and obtain a certificate that allows authentication as that machine via PKINIT to escalate privileges.
If a Domain Controller account can be targeted, the vulnerability may allow privileged Active Directory operations.