writeups.xyz / CertPotato – Using ADCS to privesc from virtual and network service accounts to local system

Submitter : c2a

Date: 2 December 2022

Bounty : undisclosed

Vulnerabilities :

• Local Privilege Escalation
• ADCS

Programs :

• Microsoft

Authors :

• Hocine Mahtout (@Sant0rryu)

Link :
https://sensepost.com/blog/2022/certpotato-using-adcs-to-privesc-from-virtual-and-network-service-accounts-to-local-system/