Tag

Adcs

1 brief RSS

Kerberos Authentication Relay via DNS CNAME Abuse (CVE-2026-20929)

An attacker exploits CVE-2026-20929 by manipulating DNS responses to redirect Kerberos authentication to attacker-controlled AD CS, enabling certificate enrollment for persistent access.

kerberos relay adcs cve-2026-20929 credential-access

2r 1t 1c Mar 31, 2026