Speaking about CVE-2020-1472 - Just a periodic reminder to check the ACL permissions that have been set on your DC machine accounts in AD. If a non-DA has GenericAll (Full control) for example. It can reset the DC machine account password and later on pull a DCSync attack.
Speaking about CVE-2020-1472 - Just a periodic reminder to check the ACL permissions that have been set on your DC machine accounts in AD. If a non-DA has GenericAll (Full control) for example. It can reset the DC machine account password and later on pull a DCSync attack.
— Huy (@DebugPrivilege) September 15, 2020