Windows Active Directory: Unauthorized Privilege Escalation via File Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Windows Active Directory: Unauthorized Privilege Escalation via File Access

CVE-2026-25177

Summary

An attacker with authorized access to a Windows Active Directory can potentially gain elevated privileges and control over network resources. This is a concern for organizations with sensitive data stored on shared network drives. To mitigate this issue, ensure that access controls and file permissions are properly configured and regularly reviewed.

Original title

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Original description

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

nvd CVSS3.1 8.8

Vulnerability type

CWE-641

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25177

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026