The ESC15 vulnerability targets Active Directory Certificate Services (AD CS), allowing attackers to inject unauthorized EKUs into Schema Version 1 templates and escalate privileges. Organizations must act swiftly to implement mitigation measures and ensure their certificate templates are secure. #ESC15 #ActiveDirectoryCertificateServices
Keypoints
- ESC15 exploits a logic flaw in Schema Version 1 certificate templates in AD CS.
- Attackers can inject unauthorized EKUs, such as Client Authentication, into certificates.
- This vulnerability enables privilege escalation to Domain Admin without password compromise.
- Mitigation includes removing old templates, enforcing strict EKU checks, and applying patches.
- Tools like Certipy support exploiting and detecting this vulnerability in vulnerable environments.
Read More: https://www.hackingarticles.in/adcs-esc15-exploiting-template-schema-v1/