All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2022-26925
NONEKEVpublish date unavailable
CVSS / 10
// description
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
// required action (CISA KEV)
Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].
added 2022-07-01 00:00 UTC