Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
released on 2021-05-02 @ 12:23:50 AM
SentinelOne researchers discovered that every Windows system is vulnerable to a particular NTLM relay attack that could allow attackers to escalate privileges from User to Domain Admin. The current status of this vulnerability is “won’t fix”. Enterprise security teams are encouraged to follow the recommendations and mitigations given in the blog.