Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows 10 version | 10.0.14393.0, 10.0.17763.0, 6.2.9200.0, 6.2.9200.0, 6.3.9600.0, 6.3.9600.0, 10.0.14393.0, 10.0.14393.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.26100.0, 10.0.26100.0 |
Updated description with new technical details, changed severity to CRITICAL, added new CWE, and included new tags.
Updated description with specific details about the AD FS vulnerability and added CWE-561, indicating that the exploit is now available.
Initial creation