CVE-2022-26923CISA KEVEPSS p99.6%

CVE-2022-26923Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

Microsoft / Active Directory

Description

An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.

Scoring

EPSS83.28% probability of exploitation · percentile 99.6% · 2026-06-16T12:03:06Z

CISA KEV entry

Added to KEV: 2022-08-18

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Active Directory Domain Services Privilege Escalation Vulnerabilitykev-cve-2022-269230%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-21293
CVE
CVE-2025-27740
CVE
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
CVE
Microsoft Windows Improper Privilege Management Vulnerability
CVE
Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
CVE
Microsoft Exchange Server Privilege Escalation Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.