CVE Discoveries

Browse the list of identity security advisories uncovered by the Semperis Identity Security Research Team, who are globally recognized threat research experts. For more information about our research program, check out the Identity Security Research Library.

All severities
  • All severities
  • Important
  • High
  • Critical
Latest first
  • Latest first
  • Oldest first
CVE ID Description Affected Product Vulnerability Type CWE CVSS Score
Severity
  • All
  • Important
  • High
  • Critical
Published
  • Latest first
  • Oldest first
Patched by
CVE-2022-37994 Windows Group Policy Preference Client Elevation of Privilege Vulnerability — a sibling to CVE-2022-37993, allowing local privilege escalation via the same Group Policy Preference Client component. Windows 10/11, Windows Server 2008–2022 Elevation of Privilege CWE-264 / CWE-284 (Permissions, Privileges, and Access Controls). 7.8 High 2022-10-11 Microsoft (Oct 2022 Patch Tuesday)
CVE-2022-37993 Windows Group Policy Preference Client Elevation of Privilege Vulnerability — allows an authenticated local attacker to gain elevated privileges via Group Policy Preference Client flaws. Windows 10/11, Windows Server 2008–2022 Elevation of Privilege CWE-264 / CWE-284 (Permissions, Privileges, and Access Controls). 7.8 High 2022-10-11 Microsoft (Oct 2022 Patch Tuesday)
CVE-2024-38100 Windows File Explorer Elevation of Privilege Vulnerability — abuses the ShellWindows DCOM object ({9BA05972-F6A8-11CF-A442-00A0C90A8F39}) to escalate privileges and leak NetNTLM hashes from any session (FakePotato technique). Windows Server 2016/2019/2022 Elevation of Privilege CWE-284 (Improper Access Control). 7.8 High 2024-07-09 Microsoft (Jul 2024 Patch Tuesday, KB5040434)
CVE-2023-21746 Windows NTLM Elevation of Privilege Vulnerability (LocalPotato) — exploits a flaw in NTLM local authentication (NTLM reflection attack), enabling arbitrary file read/write and privilege escalation. Windows 10/11, Windows Server 2012–2022 Elevation of Privilege CWE-284 / CWE-269 (Improper Access Control / Privilege Management). 7.8 High 2023-01-10 Microsoft (Jan 2023 Patch Tuesday)
CVE-2022-37975 Windows Group Policy Elevation of Privilege Vulnerability — allows an authenticated attacker to escalate privileges via a flaw in Windows Group Policy processing; higher CVSS than the Preference Client variants. Windows 10 v1809 and later, Windows Server 2019/2022 Elevation of Privilege CWE-269 (Improper Privilege Management). 8.8 High 2022-11-10 Microsoft (Nov 2022 Patch Tuesday)
CVE-2022-37992 Windows Group Policy Elevation of Privilege Vulnerability — authenticated local attacker can exploit weaknesses in Group Policy processing to escalate from low-privileged user to high-level access. Windows 10/11 (multiple versions)<br>Windows Server 2012–2022 Elevation of Privilege CWE-264 / CWE-284 (Permissions, Privileges, and Access Controls). 7.8 Important 2022-11-08 Microsoft (Nov 2022 Patch Tuesday)
CVE-2025-58726 Windows SMB Server Elevation of Privilege Vulnerability — improper access control in the SMB Server component allows an authorized low-privileged network attacker to remotely escalate privileges without user interaction. Windows 10 v1507 (and later builds) Elevation of Privilege CWE-284 (Improper Access Control). 7.5 High 2025-10-14 Microsoft (Oct 2025 Patch Tuesday)
CVE-2025-64669 Windows Admin Center Elevation of Privilege Vulnerability — insecure directory permissions in Windows Admin Center (up to v2.4.2.1 / WAC 2411) allow a local low-privileged attacker to escalate to SYSTEM level. Windows Admin Center ≤ 2.4.2.1 (WAC 2411) Elevation of Privilege CWE-284 (Improper Access Control). 7.8 High 2025-12-11 Microsoft (Dec 2025 Patch Tuesday)
CVE-2026-20929 Windows HTTP.sys Elevation of Privilege Vulnerability — improper access control in Windows HTTP.sys allows an authorized network attacker to elevate privileges; foundational fix that backported EPA (Extended Protection for Authentication) requirements. Windows (multiple versions) Elevation of Privilege CWE-284 (Improper Access Control). 7.6 High 2026-01-13 Microsoft (Jan 2026 Patch Tuesday)
CVE-2026-21529 Azure HDInsight Spoofing Vulnerability – Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. Azure HDInsight Spoofing CWE-79 (Improper Neutralization of Input During Web Page Generation / Cross-Site Scripting). 5.7 Important 2026-02-10 Microsoft (Feb 2026 Patch Tuesday)
CVE-2026-26119 Windows Admin Center Elevation of Privilege Vulnerability — network-based privilege escalation bug in Windows Admin Center; patched out-of-band after the January 2026 HTTP.SYS kernel fix; introduced SetProperty(HttpServerChannelBindProperty) for CBT enforcement. Windows Admin Center Elevation of Privilege CWE-287 (Improper Authentication) 8.8 Critical 2026-02-17 Microsoft (Feb 2026 OOB Patch)
CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerability – Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. Windows 10/11, Windows Server 2012–2025 Elevation of Privilege CWE-641 (Improper Restriction of Names for Files and Other Resources). 8.8 Important 2026-03-10 Microsoft (Mar 2026 Patch Tuesday)
CVE-2026-23669 Windows RPC Runtime Remote Code Execution Vulnerability — use-after-free flaw in RPC Runtime allows an authorized attacker to execute arbitrary code over a network. Windows (multiple versions) Remote Code Execution CWE-416 (Use After Free). 8.8 High 2026-03-10 Microsoft (Mar 2026 Patch Tuesday)
CVE-2026-27912 Windows Kerberos Elevation of Privilege Vulnerability – Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network. Windows Server 2012–2025 Elevation of Privilege CWE-285 (Improper Authorization) 8.0 Important 2026-04-13 Microsoft (April 2026 Patch Tuesday)