Kerberos on Windows allows unauthorized privilege escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.0

Kerberos on Windows allows unauthorized privilege escalation

CVE-2026-27912

Summary

An attacker with access to an adjacent network can gain elevated permissions on a Windows system using an improperly secured Kerberos configuration. This could allow the attacker to access sensitive data or take control of the system. Users should ensure their Windows system's Kerberos settings are properly configured to prevent unauthorized access.

Original title

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

Original description

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

nvd CVSS3.1 8.0

Vulnerability type

CWE-285 Improper Authorization

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27912

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026