Microsoft · Active Directory Federation Services
Updated July 15, 2026
A vulnerability in Microsoft Active Directory Federation Services allows an authorized attacker to elevate privileges locally. This issue is significant as it can lead to unauthorized access to sensitive data. The vulnerability was recently added to the CISA Known Exploited Vulnerabilities list.
If left unpatched, this vulnerability could allow attackers to gain elevated privileges, potentially leading to data breaches or lateral movement within the network. This could result in significant financial and reputational damage.
Apply the latest security updates from Microsoft to patch this vulnerability. Ensure that all affected systems are updated as soon as possible.