{"id":3940,"date":"2025-05-14T10:03:27","date_gmt":"2025-05-14T10:03:27","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/05\/14\/microsoft-warns-of-ad-cs-vulnerability-let-attackers-deny-service-over-a-network\/"},"modified":"2025-05-14T10:03:27","modified_gmt":"2025-05-14T10:03:27","slug":"microsoft-warns-of-ad-cs-vulnerability-let-attackers-deny-service-over-a-network","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/05\/14\/microsoft-warns-of-ad-cs-vulnerability-let-attackers-deny-service-over-a-network\/","title":{"rendered":"Microsoft Warns of AD CS Vulnerability Let Attackers Deny Service Over a Network"},"content":{"rendered":"

Microsoft Warns of AD CS Vulnerability Let Attackers Deny Service Over a Network
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Microsoft has issued a security advisory regarding a new vulnerability in Active Directory<\/a> Certificate Services (AD CS) that could allow attackers to perform denial-of-service attacks over a network.\u00a0<\/p>\n

The vulnerability, identified as CVE-2025-29968, affects multiple versions of Windows Server and has been assigned an \u201cImportant\u201d severity rating with a CVSS score of 6.5\/5.7.<\/p>\n

The security flaw stems from improper input validation in Active Directory Certificate Services, a critical Windows role that enables organizations to issue and manage digital certificates for internal security purposes.\u00a0<\/p>\n

Microsoft AD CS Improper Input Validation Flaw<\/strong><\/h2>\n

The issue is categorized under CWE-20, Microsoft\u2019s technical documentation indicates that \u201cImproper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network\u201d.<\/p>\n

When exploited, attackers can cause the AD CS service to become unresponsive, potentially disrupting authentication processes, secure communications, and other certificate-dependent operations across an organization\u2019s infrastructure.<\/p>\n

According to Microsoft\u2019s security bulletin, the vulnerability in the CVSS vector string indicates that this vulnerability can be exploited over a network with low attack complexity and requires low privileges.\u00a0<\/p>\n

No user interaction<\/a> is necessary for exploitation, and while the vulnerability doesn\u2019t impact confidentiality or integrity , it can severely affect availability .<\/p>\n

Researchers note that this vulnerability is concerning because an authenticated attacker with relatively low privileges could potentially disrupt certificate services across an entire organization.<\/p>\n

\n\n\n\n\n\n\n\n
Risk Factors<\/strong><\/td>\nDetails<\/strong><\/td>\n<\/tr>\n
Affected Products<\/td>\n\u2013 Windows Server 2022 (including 23H2 Edition)\u00a0\u2013 Windows Server 2019\u00a0\u2013 Windows Server 2016\u00a0\u2013 Windows Server 2012\/2012 R2\u00a0\u2013 Windows Server 2008\/2008 R2\u00a0<\/td>\n<\/tr>\n
Impact<\/td>\nDenial of Service (DoS) via AD CS service disruption\u00a0<\/td>\n<\/tr>\n
Exploit Prerequisites<\/td>\n\u2013 Low-privileged authenticated access\u00a0\u2013 Active Directory Certificate Services (AD CS) role enabled\u00a0<\/td>\n<\/tr>\n
CVSS 3.1 Score<\/td>\n6.5 (Important)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Affected Systems<\/strong><\/h2>\n

The vulnerability impacts multiple Windows Server versions, including:<\/p>\n